Reid Priedhorsky wrote: > Hi folks, > > I would like to access a remote Postgres server from a Python program in a > secure way. Postgres doesn't currently listen to the Internet for > connections, and I'd prefer to keep it that way. > > I know how to forward ports using SSH, but I don't like doing this because > then anyone who knows the port number can connect to Postgres over the > same tunnel. (I'm not the only user on the client machine.) > > What I envision is something like wrapping an SSH connection which then > opens psql once connected, but I'm not too picky. > > Both Postgres and the Python program are running on Linux. > > Any ideas? > > Thanks very much for any help. > > Reid
Use port forwarding over SSH and use only pubkey authorization so that you put their pubkey in authorized_keys on the server for SSH connection. Put something like 'LocalForward 3308 databaseserver:3308' in your ssh client config file (I don't know if you are using putty or cygwin) and then point the Python program to localhost:3308 This then gets redirected to proper port on the remote machine. Works great and the traffic is encrypted and I know who the user is because they can't connect until they give me their pubkey and I put on the server and they must have their private key AND passphrase to establish the SSH connection. I use this to run pgAdmin III remotely through a firewall to my database server. -Larry Bates -- http://mail.python.org/mailman/listinfo/python-list
