Re: How to secure SSH from low security app server to high security DB server?
- From: Jeff B <jbeardNo-Spam1185@xxxxxxxxxxxx>
- Date: Sun, 18 Dec 2005 20:08:00 -0800
Snewber wrote:
We need to be able to run commands from a low security application server (as this is running web servers and thus a large number of people have access to the web servers) to a high security database server. I would like to use SSH (maybe a locked down ssh server) to do this but the system administrators will not allow this as they say that if a bug is found with the SSH server then the secure database server could be compromised by the compromised SSH server. The sysadmins want us to come up with another way of running commands on the database server from the application server.
I think that doing it another way is like reinventing the wheel, why use another method when SSH was probably designed to do this? Or, is there a better way of doing this?
LOW SECURITY APPLICATION SERVER
----------FIREWALL-------------
HIGH SECURITY DATABASE SERVER
have the admin setup protocol 2 pass=phrase authentication and deny all other forms. (s)he should be VERY pleased with that level of login as it requires your public key file to be located on the target ssh server.
-- --- Jeff B (remove the No-Spam to reply) .
- Follow-Ups:
- References:
- Prev by Date: How to secure SSH from low security app server to high security DB server?
- Next by Date: Re: How to secure SSH from low security app server to high security DB server?
- Previous by thread: How to secure SSH from low security app server to high security DB server?
- Next by thread: Re: How to secure SSH from low security app server to high security DB server?
- Index(es):
Relevant Pages
|
|
