As long as the connection between the application and the database uses TCP, you can use the SSH channel to authenticate...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
to each other and increase security against different kinds of attacks. To use SSH for a variety of services you should use port redirection.
To enable a Web application to authenticate to your database you will need to put an SSH client on the Web server and an SSH server on the database server. SSH can then encrypt passwords and network traffic between your Web and database servers, thus preventing eavesdropping, IP spoofing, IP source routing, DNS spoofing and other network-level attacks.
You can receive free, open source implementations at http://www.openssh.com or commercial versions including Windows versions at http://www.ssh.com. There are two versions of SSH, SSH Secure Shell Version 1 and Secure Shell Version 2. SSH1 is not as secure as SSH2 and is gradually being withdrawn from use. SSH2 is actually a complete rewrite of the protocol, and it does not use the same networking implementation as SSH1, so make sure you use SSH2. A good SSH "how-to" can be found at http://p25ext.lanl.gov/ssh/ssh-howto.html.
Dig Deeper on Database Security Management
Related Q&A from Michael Cobb
A digital signature on an HTML5 document cannot be authenticated the same way a PDF can. Expert Michael Cobb explains how enterprises should address ...continue reading
A survey found that half of its respondents perform application updates daily. Expert Michael Cobb explains how to allocate appropriate time on ...continue reading
Many large enterprises have their own internal public key infrastructure. Expert Michael Cobb explains the considerations organizations should make ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.