Re: remote user

On Wednesday 12 December 2007 09:52:48 am Tom Lane wrote:
> johnf <jfabiani@yolo.com> writes:
> > I have one remote user that wants to connect via DSL and a dynamic IP.  I
> > do NOT want to open the database to all internet IP's.  Of course the
> > fear is someone will attack and break the password for the remote user.
> > What is the best way I can do this?
>
> Limit the range of IPs as much as you can, and require the connection to
> use SSL, and maybe insist on a client certificate.
>
>             regards, tom lane
>

What do you mean by a cleint certificate?  I'll assume it is some sort of key
that is passed to my server.  But would postgres use the key?  Or is this
just a way to insure user is who he say he is?


--
John Fabiani