DoC Computing Support Group


Revision 1 as of 2011-10-25 20:12:46

Clear message

PostgreSQL connections from off-site

If you want to connect directly to the PostgreSQL server from outside the college network, you must use SSL encryption. Here are four possible ways to address this.

Use the college VPN service

If you first connect using the college VPN service, then your PostgreSQL connection will be considered as being from on-site. In this case, you will not need to use SSL encryption.

Use SSH tunnelling

This is similar to using VPN but at an application-level. Use an SSH client to create a tunnel from your computer outside the network to db.doc.ic.ac.uk through one of the externally-accessible SSH servers: shell1.doc.ic.ac.uk -- shell4.doc.ic.ac.uk. Here is the syntax from a Linux terminal:

ssh -L 12345:db.doc.ic.ac.uk:5432 shell1.doc.ic.ac.uk

After you authenticate, the above command will set up a tunnel from port 12345 on your local computer to port 5432 (upon which the PostgreSQL service listens on db.doc.ic.ac.uk). You can then configure the PostgreSQL client on your local computer to connect to localhost:12345. Here is the syntax from a Linux terminal:

psql --host localhost --port 12345 -U postgreUserName --dbname=postgresDatabaseName

To be completed

SSL Connection without Authentication

To be completed

SSL Connection with Authentication

To be completed