As long as the connection between the application and the database uses TCP, you can use the SSH channel to authenticate to each other and increase security against different kinds of attacks. To use SSH for a variety of services you should use port redirection.
To enable a Web application to authenticate to your database you will need to put an SSH client on the Web server and an SSH server on the database server. SSH can then encrypt passwords and network traffic between your Web and database servers, thus preventing eavesdropping, IP spoofing, IP source routing, DNS spoofing and other network-level attacks.
You can receive free, open source implementations at http://www.openssh.com or commercial versions including Windows versions at http://www.ssh.com. There are two versions of SSH, SSH Secure Shell Version 1 and Secure Shell Version 2. SSH1 is not as secure as SSH2 and is gradually being withdrawn from use. SSH2 is actually a complete rewrite of the protocol, and it does not use the same networking implementation as SSH1, so make sure you use SSH2. A good SSH "how-to" can be found at http://p25ext.lanl.gov/ssh/ssh-howto.html.
Dig Deeper on Database Security Management-Enterprise Data Protection
Related Q&A from Michael Cobb
Explore the differences between symmetric vs. asymmetric encryption algorithms, including common uses and examples of both, as well as their pros and... Continue Reading
WhatsApp vulnerabilities can enable hackers to bypass end-to-end encryption and spoof messages. Expert Michael Cobb explains how these attacks work ... Continue Reading
Disabling Google location tracking involves more than turning off Location History. Learn how to manage your account settings to stop tracking ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.