Обсуждение: How can I be confirm that data is encrypted over the network using SSL

Поиск
Список
Период
Сортировка

How can I be confirm that data is encrypted over the network using SSL

От
AI Rumman
Дата:
I have configured SSL connection between client/server using self-signed certificate.

----------------------------------------------------------------------------------
Password:
Welcome to psql 8.3.8, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
       \h for help with SQL commands
       \? for help with psql commands
       \g or terminate with semicolon to execute query
       \q to quit

SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)

postgres=# \l
        List of databases
   Name    |  Owner   | Encoding
-----------+----------+----------
 postgres  | postgres | UTF8
 template0 | postgres | UTF8
 template1 | postgres | UTF8
(3 rows)
--------------------------------------------------------------------------------------

PGDATA dir:

-------------------------------------------------------------------

-bash-3.2$ ls -l
total 84
drwx------ 5 postgres postgres  4096 May  4 14:09 base
drwx------ 2 postgres postgres  4096 May  5 10:58 global
...
-rw------- 1 postgres postgres  3600 May  4 14:17 server.crt
-rw------- 1 postgres postgres   887 May  4 14:17 server.key
-rw------- 1 postgres postgres  2195 May  4 14:16 server.req

----------------------------------------------------------------------

Client ~/.postgresql dir

--------------------------------------------

-bash-3.2$ ls -l
total 12
-rw-r--r-- 1 postgres postgres 3259 May  4 18:36 postgresql.crt
-rw------- 1 postgres postgres  887 May  4 18:35 postgresql.key
-rw-r--r-- 1 postgres postgres 2080 May  4 18:35 postgresql.req

--------------------------------------------


I set the $PGSSLMODE=require to encrypt data across the netwrok.


How could I be sure that data is encrypted over the network?


Re: How can I be confirm that data is encrypted over the network using SSL

От
John R Pierce
Дата:
AI Rumman wrote:
> I have configured SSL connection between client/server using
> self-signed certificate.
> ...
> SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
> .....
> I set the $PGSSLMODE=require to encrypt data across the netwrok.
>
>
> How could I be sure that data is encrypted over the network?
>

use a packet sniiffer like wireshark or tcpdump to examine traffic to
the server  hostip on whatever tcp port you're using...  if its
plaintext, you would see your SQL commands and their responses coming
across the wire.  if its SSL, it will all look like binary gibberish.