You may also look at SSH port forwarding, this allows you to create an encrypted tunnel between the two machines, then you connect to the local port, the data gets encrypted sent across the wire and decrypted at the destination.
Look at -L in your ssh man or search google for ssh tunneling stunnel is nice because you don't have to leave an ssh connection open. Checkout http://www.commandprompt.com/ppbook/index.lxp?lxpwrap=x16230%2ehtm#USINGSTUN NELREMOTELY for more info on configuring stunnel, the reference is for PostgreSQL but the stunnel part is not db dependant. Jason -----Original Message----- From: Stefen Lars [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 9:24 AM To: [EMAIL PROTECTED] Subject: [PHP] Secure MySQL connections in PHP with 'stunnel' Hello all I have written a very simple PHP script to copy the data from one MySQL database table on SERVERA to another MySQL database table on SERVERB. Using PHP, I simply connect to each server and copy the data across. That works well. However, natively, MySQL works with clear text. i.e. the data is copied across the Internet in clear text (a bad thing). I would now like encrypt the MySQL data between SERVERA and SERVERB. After searching with Google, I see that stunnel is a tool to use. However, I have been trying with no avail to create an encrypted connection between the two servers from MySQL to work. Following the instructions at: http://www.zataz.net/php-stunnel-tuneling.php I have come up with the following: SERVERA (master) /usr/local/sbin/stunnel -f -P/tmp/ -c -d 3308 -r SERVERA:3307 /usr/local/sbin/stunnel -f -P/tmp/ -p /usr/local/ssl/certs/stunnel.pem -d 3307 -r 3306 SERVERB (slave) /usr/local/sbin/stunnel -f -P/tmp/ -c -d 3308 -r SERVERB:3307 /usr/local/sbin/stunnel -f -P/tmp/ -p /usr/local/ssl/certs/stunnel.pem -d 3307 -r 3306 This does not work. When I connect to the slave with: <?PHP $db_link = mysql_connect(SERVERB:3308, "User", "Pwd") or die("Cannot connect to db"); mysql_select_db("DBNAME",$db_link) or die("Cannot select MASTER db\n"); ?> and select / insert data into SERVERB, the data is selected / inserted to the database on SERVERA. This is very strange. Has anyone else tried using stunnel to achieve what I want to do? If so, I would REALLY like to hear how you achieve the encrypted link. Or are there other ways of securely coping data from one MySQL server to another? Using stunnel seems rather fiddly... Any comments on this subject will be well received. Stefen _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
