Re: Why don't we allow DNS names in pg_hba.conf?

From: "Mark Woodward" <pgsql(at)mohawksoft(dot)com>
To: "Andrew Dunstan" <andrew(at)dunslane(dot)net>
Cc: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>, mark(at)mark(dot)mielke(dot)cc, "Euler Taveira de Oliveira" <eulerto(at)yahoo(dot)com(dot)br>, "Jim C(dot) Nasby" <jnasby(at)pervasive(dot)com>, "Andreas Pflug" <pgadmin(at)pse-consulting(dot)de>, "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Why don't we allow DNS names in pg_hba.conf?
Date: 2006-02-13 19:38:38
Message-ID: 16562.24.91.171.78.1139859518.squirrel@mail.mohawksoft.com
Lists: pgsql-hackers

> Mark Woodward wrote:
>
>>>If I am a road warrior I want to be able to connect, run my dynamic dns
>>>client, and go.
>>>
>>In your scenario of working as a road warrior, you are almost
>>certainly not going to be able to have a workable DNS host name unless you
>>have a raw internet IP address. More than likely you will have an IP
>>address (known to your laptop) as a 192 or 10 address.
>>
>
>
> Nonsense. There is a dynamic DNS client that is quite smart enough to
> find out and use the gateway address. See:
> http://ddclient.sourceforge.net/
>
> I'm sure there are others, including some for Windows.
>

But then, there is another problem: if you don't have a real and true IP
address, if you are on an anonymous 192 or 10 net (most likely the case),
then your dynamic DNS entry allows EVERYONE on your network the same
access.

I still say an SSH tunnel with port forwarding is more secure; besides, you
can even compress the data stream.
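
The shared-address problem raised in this message, modelled as an added example that is not part of the original post: a hypothetical hostname-based host rule compares the address the dynamic DNS name resolves to with the source address the server sees after NAT. The hostname, the addresses (documentation ranges), the NAT table and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data, not taken from the thread.
# The dynamic DNS client publishes the public address of the NAT gateway.
DYNDNS = {"laptop.example.org": "203.0.113.7"}

# NAT gateways: private network -> public address the server actually sees.
NAT_GATEWAYS = {
    ipaddress.ip_network("192.168.1.0/24"): ipaddress.ip_address("203.0.113.7"),
    ipaddress.ip_network("10.0.0.0/8"): ipaddress.ip_address("198.51.100.20"),
}

CLIENTS = {
    "road_warrior_laptop": "192.168.1.50",
    "stranger_same_network": "192.168.1.77",
    "host_on_other_network": "10.1.2.3",
}


def source_seen_by_server(client_ip):
    """Return the source address after NAT (unchanged if it is not behind a gateway)."""
    addr = ipaddress.ip_address(client_ip)
    for net, public in NAT_GATEWAYS.items():
        if addr in net:
            return public
    return addr


def hostname_rule_allows(hostname, client_ip):
    """Hypothetical hostname rule: resolve the name, compare with the peer address."""
    allowed = ipaddress.ip_address(DYNDNS[hostname])
    return source_seen_by_server(client_ip) == allowed


def admitted(hostname, clients):
    """Map each client name to whether the hostname rule lets it through."""
    return {name: hostname_rule_allows(hostname, ip) for name, ip in clients.items()}


if __name__ == "__main__":
    for name, ok in admitted("laptop.example.org", CLIENTS).items():
        print(f"{name:24} {'allowed' if ok else 'rejected'}")
```

Every host behind the same gateway presents the same source address, so the rule cannot tell the laptop from its neighbours; only a host behind a different gateway is rejected.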
