List:MySQL++« Previous MessageNext Message »
From:Thomas Werth Date:February 12 2008 6:47am
Subject:Re: possible bug in rc3 ?
View as plain text  
Hi Warren,

i should have taken a deeper look on --ssl option, thanks for 
clarification.
Well "my" ssl solution needs to run without any setup on multiple 
systems, so ssh is not best choice for this task. Anyway i have to admit 
ssh or even a linux-system in a virtual box is much more handy than putty :)

thx for very kind support, i'll look up mysql documentations

Thomas


Warren Young schrieb:
> Thomas Werth wrote:
>> mysql -u user -ppassword --ssl
>> works without any problems.
> 
>  From the MySQL manual, on --ssl:
> 
> "This option is not sufficient in itself to cause an SSL connection to 
> be used. You must also specify the --ssl-ca option, and possibly the 
> --ssl-cert and --ssl-key options."
> 
> I'm not sure if having the values in my.cnf suffices, but what I am sure 
> about is that I tried your command here on my system, and it let me log 
> in without complaint.  I have *no* SSL of any kind going on on this 
> machine.  Clearly it's quietly falling back to plaintext if it can't do 
> SSL for whatever reason.
> 
> While Googling for the above, I couldn't find examples of successful 
> Windows SSL setups; it was all from the Unixy perspective.
> 
> The only thing I found that looks like it should work is this:
> 
> http://dev.mysql.com/doc/refman/5.0/en/windows-and-ssh.html
> 
> It gives the same security as SSL, but without needing special help on 
> the client or server side, since ssh generally Just Works (TM).  The 
> downside is that it's a little more involved to set up each individual 
> connection.  I use much this same setup to do things like accessing a 
> web server that's behind a firewall that only lets ssh through.  It 
> works beautifully, and I can second the recommendation for SecureCRT.  I 
> *live* in SecureCRT on my Windows machine, and have for years.  It's 
> just plain awesome.  I shake my head when I see people recommending 
> PuTTY instead...dreadful software...ptui!  If you had to have something 
> free, I'd recommend using Cygwin's command-line ssh over PuTTY, any day.
> 
> If you need real SSL, I suggest you take it up on the main MySQL mailing 
> list.  It's probably just a configuration problem somewhere.
> 

Thread
possible bug in rc3 ?Thomas Werth7 Feb
  • Re: possible bug in rc3 ?Warren Young7 Feb
    • Re: possible bug in rc3 ?Thomas Werth8 Feb
      • Re: possible bug in rc3 ?Warren Young9 Feb
        • Re: possible bug in rc3 ?Thomas Werth11 Feb
          • Re: possible bug in rc3 ?Thomas Werth11 Feb
            • Re: possible bug in rc3 ?Warren Young12 Feb
              • Re: possible bug in rc3 ?Thomas Werth12 Feb