From owner-freebsd-security Thu Apr 20 2: 2:16 2000 Delivered-To: freebsd-security@freebsd.org Received: from bofh.banat.ro (bofh.banat.ro [193.230.196.3]) by hub.freebsd.org (Postfix) with ESMTP id 210C737BDDA for ; Thu, 20 Apr 2000 02:02:04 -0700 (PDT) (envelope-from camelia@office.banat.ro) Received: from office.banat.ro (camelia@bofh.banat.ro [193.230.196.3]) by bofh.banat.ro (8.9.3/8.9.3) with ESMTP id MAA22993; Thu, 20 Apr 2000 12:01:52 +0300 (EEST) Message-ID: <38FEC780.24BC377B@office.banat.ro> Date: Thu, 20 Apr 2000 12:01:52 +0300 From: Camelia Nastase Organization: AS Computer GBG X-Mailer: Mozilla 4.72 [en] (X11; I; FreeBSD 3.4-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Dan Langille Cc: freebsd-security@FreeBSD.ORG Subject: Re: using mysql over ssh References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dan Langille wrote: > > I want to access a mysql database remotely. I've had success with the > following approach: > > ssh user@mydomain.org /usr/local/mysql/bin/mysql -uuserid > -ppassword dbname < mysql.sql > > where mysql.sql contains the SQL statements I wish to run. > > I have two issues with this approach: > > 1 - The mysql password is supplied on the command line. I don't like > that. How can I avoid that? give yourself permissions to connect remotely ro the server, then mysql -h remote_host -u userid --password= dbname. that if you have mysql_client on the machine you work on. > > 2 - To achieve the ssh login, I copied the contents of ~/.ssh/identity.pub > to ~/.ssh/authorized_keys on the remote box. How much of a risk is it > allowing logins like that? My feeling is that if I trust the security on > the local box, it's not an issue. Comments? no comment on this. > > Any other suggestions/recommendations will be appreciated. > Camelia N. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message