On Wednesday 12 December 2007 09:52:48 am Tom Lane wrote:
> johnf <jfabiani@yolo.com> writes:
> > I have one remote user that wants to connect via DSL and a dynamic IP. I
> > do NOT want to open the database to all internet IP's. Of course the
> > fear is someone will attack and break the password for the remote user.
> > What is the best way I can do this?
>
> Limit the range of IPs as much as you can, and require the connection to
> use SSL, and maybe insist on a client certificate.
>
> regards, tom lane
>
What do you mean by a cleint certificate? I'll assume it is some sort of key
that is passed to my server. But would postgres use the key? Or is this
just a way to insure user is who he say he is?
--
John Fabiani