01-12-2014, 02:18 AM
(01-11-2014, 09:19 AM)Raz Wrote: Good. That's exactly the way it should be. PHPMyAdmin isn't so bad so long as it's running on the server side and you're not exposing MySQL to any external network traffic but even security is paramount and so SSH with RSA keys is the way to go.
Server side? I thought the risk inherent in phpMyAdmin was if it was on a site since it's vulnerable to attack at times, especially if outdated. Wouldn't it make more sense if it was on another server that is having its connection tunneled through to the server with the database on it via SSH?
I still use a password to SSH into my box instead of RSA keys but I'd like to believe the password is reasonably secure to make bruteforce infeasible.
![[+]](images/collapse_collapsed.png "[+]")
Refs & Love![[Image: 3CczX.gif]](/image.php?src=http%3A%2F%2Fi.imgur.com%2F3CczX.gif&hash=9db9cbc1b02587124362cd385cc77acc)
![[Image: qjGOacY.png]](/image.php?src=http%3A%2F%2Fi.imgur.com%2FqjGOacY.png&hash=7f7db0268d4b24d2064b791a287e3646)