As long as the connection between the application and the database uses TCP, you can use the SSH channel to authenticate...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
to each other and increase security against different kinds of attacks. To use SSH for a variety of services you should use port redirection.
To enable a Web application to authenticate to your database you will need to put an SSH client on the Web server and an SSH server on the database server. SSH can then encrypt passwords and network traffic between your Web and database servers, thus preventing eavesdropping, IP spoofing, IP source routing, DNS spoofing and other network-level attacks.
You can receive free, open source implementations at http://www.openssh.com or commercial versions including Windows versions at http://www.ssh.com. There are two versions of SSH, SSH Secure Shell Version 1 and Secure Shell Version 2. SSH1 is not as secure as SSH2 and is gradually being withdrawn from use. SSH2 is actually a complete rewrite of the protocol, and it does not use the same networking implementation as SSH1, so make sure you use SSH2. A good SSH "how-to" can be found at http://p25ext.lanl.gov/ssh/ssh-howto.html.
Dig Deeper on Database Security Management
Related Q&A from Michael Cobb
Attackers using crafted TIFF images can exploit flaws in the LibTIFF library to carry out remote code execution. Expert Michael Cobb explains how ...continue reading
Companies and government agencies handling criminal justice information need to comply with CJIS Security Policy. Expert Michael Cobb explains the ...continue reading
An Intel chip flaw lets attackers bypass ASLR protection on most operating systems. Expert Michael Cobb explains the vulnerability and how to prevent...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.