Date: Mon, 16 Jul 2001 16:46:23 -0400 From: Eric Sproul <esproul@ntelos.net> To: freebsd-security@freebsd.org Subject: stunnel/mysql question Message-ID: <3B53529F.A0DBDC48@ntelos.net>
next in thread | raw e-mail | index | archive | help
Hi all, I'm trying out a setup that was described in the latest Sysadmin issue-- setting up Snort to log to a MySQL db over an stunnel-encrypted connection. Anyone else tried this yet? I'm running the client on 4.3-STABLE, with mysql323-client from the port (3.23.39) and stunnel 3.14, also from the port. The server is my Redhat 7.1 workstation with mysql 3.23.36 from RPM and stunnel 3.14 from source. As far as I can tell, both the mysql server and stunnel are configured correctly. I followed all the setup guidelines and made sure I had the access rights correct. The client has stunnel listening to localhost:3306 and forwarding to <server>:3307. The server is listening to port 3307 and forwarding to its localhost:3306, where the mysql server is running. But when I try to connect from the client over the stunnel-ed connection, I get client$ mysql -h 127.0.0.1 -u snortdb -p snortdata Enter password: ERROR 1045: Access denied for user: 'snortdb@localhost.localdomain' (Using password: YES) I can connect the same way right on the server and get in. I've eliminated host ACL's as the cause. On the network level everything is fine. Could stunnel be somehow mangling the login process? I don't have much experience with stunnel or SSL in general so I'm at a loss here. Thanks in advance! Eric To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B53529F.A0DBDC48>