[dba-SQLServer] Schemas for separation of clients?

Jim Lawrence jlawrenc1 at shaw.ca
Wed May 20 14:40:06 CDT 2015 

Hi Mark: 

I have just started to work with SSH and have only been using the basics so I can connect to my serves from anywhere. 

One way I have been using SSH is via Filezilla (the SSH client is built in). It is not the traditional package you would think of as mostly people use FZ as a secure desktop to webserver connection...but it is so much more than that. Below is a list of features I cut and pasted from an article on FZ: 

    * Supports FTP, FTP over SSL/TLS (FTPS) and SSH File Transfer Protocol (SFTP) 
    * IPv6 support 
    * Available in more than 40 languages 
    * Supports resume and transfer of large files >4GB 
    * Easy to use Site Manager and transfer queue 
    * Bookmarks 
    * Drag & drop support 
    * Speed limits 
    * Filename filters 
    * Directory comparison 
    * Network configuration wizard 
    * Remote file editing 
    * Keep-alive 
    * HTTP/1.1, SOCKS5 and FTP Proxy support 
    * Logging to file 
    * Synchronized directory browsing 
    * Remote file search 
    * Tabbed interface to connect to multiple servers

Connecting to a database should be easy though I have not tried but here is a simple example/explanation of how to connect to a MySQL DB via a remote SSH connection that just port forwards to the DB:

http://www.howtogeek.com/howto/ubuntu/access-your-mysql-server-remotely-over-ssh/

Of course it assumes the remote server is setup for host internet connections. MS SQL should be as easy to configure. Here is another link to an article on the concept of port-forwarding with SSH (which took me a bit of time to fully understand).

http://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html

In a nutshell, once an appropriate SSH string is entered any database can be ran on a host server as if it is running locally on the client. You can also multiplex from your client computer to any number of remote databases, simultaneously...limited of course by your bandwidth. Of course the security and policies are limited only by your imagination and requirement (via ssh/config file). Word from the wise: Though it is temping do not go full bore encryption...once the key is lost, it is gone forever.  

PS: Another good article on setting up Port-forwarding and a few little work-arounds when issues arrive: 

http://blog.trackets.com/2014/05/17/ssh-tunnel-local-and-remote-port-forwarding-explained-with-examples.html

HTH 

As I become more familiar with the product I will post my insights here and please do the same.

Jim
  
----- Original Message ----- 

From: "Mark Breen" <marklbreen at gmail.com> 
To: "Discussion concerning MS SQL Server" <dba-sqlserver at databaseadvisors.com> 
Sent: Tuesday, March 31, 2015 6:23:39 AM 
Subject: Re: [dba-SQLServer] Schemas for separation of clients? 

Hello Jim 

Do you have any specific links to learn how yo use openssh on windows to 
establish a VPN. 

I can Google myself but just asking in case you have 'the perfect document'. 
On 31 Mar 2015 10:57, "Jim Lawrence" <accessd at shaw.ca> wrote: 

> Hi John: 
> 
> If you are thinking of going Cloud based, it may be an idea to try SSL. 
> OpenSSL is an excellent super secure VPN. It works on both Linux and there 
> is now a Windows version. I use Linux version all the time to connect to my 
> servers from anywhere. 
> 
> https://www.youtube.com/watch?v=FZyUX-LZHts 
> 
> Jim 
> 
> ----- Original Message ----- 
> From: "John W. Colby" <jwcolby at gmail.com> 
> To: "Discussion concerning MS SQL Server" < 
> dba-sqlserver at databaseadvisors.com>, jwcolby at gmail.com 
> Sent: Monday, March 30, 2015 9:40:14 AM 
> Subject: Re: [dba-SQLServer] Schemas for separation of clients? 
> 
> I am actually talking about other databases, not the "database from hell". 
> 
> I have been following your AWS thread with interest. How do you get the 
> public IP address? I would think that would make the speeds much better 
> than trying to tunnel in using Hamachi. How do you deal with security / 
> hack attempts? Having that public facing IP has always put me off. 
> 
> John W. Colby 
> 
> On 3/30/2015 10:47 AM, Gustav Brock wrote: 
> > Hi John 
> > 
> > I have just set up a micro instance at AWS hosting SQL Server 2008 
> Express and a public IP address. 
> > Then I can attach it directly via ODBC. 
> > We have only a 15 Mbit/s download, so speed is slower than from our 
> in-house SQL Servers but fully acceptable. 
> > 
> > At takes a little to set up the access to AWS. I skipped the VPN 
> offering but I may add that later when I find out how to do it. 
> > 
> > My need is very far from yours with a maximum record count per table of 
> some hundred thousands so I may never meet the issues you are dealing with. 
> > 
> > /gustav 
> > 
> > -----Oprindelig meddelelse----- 
> > Fra: dba-SQLServer [mailto:dba-sqlserver-bounces at databaseadvisors.com] 
> På vegne af John W. Colby 
> > Sendt: 30. marts 2015 15:35 
> > Til: Discussion concerning MS SQL Server; jwcolby at gmail.com 
> > Emne: Re: [dba-SQLServer] Schemas for separation of clients? 
> > 
> > Are you guys hitting the BE with an Access FE? If so how are you 
> linking to the tables? 
> > 
> > I am running Access linked tables over the internet to SQL Server on a 
> privately hosted VM / SQL Server. It runs just fine, though a bit slow. 
> OK very slow given how I design things. But it does work. In order to do 
> it however I set up a single user / password out in SQL Server, then come 
> into the VM using Hamachi. I think that Hamachi is one of the causes of 
> the slowness, though since that is the only way in for me, it is tough to 
> know exactly. 
> > 
> > Just wondering what you are up to and how to implement it. 
> > 
> > John W. Colby 
> > 
> > On 3/30/2015 9:18 AM, Gustav Brock wrote: 
> >> Hi Mark 
> >> 
> >> Perfect. I missed that. I have a t2.micro instance running now with 
> public access. 
> >> 
> >> I wonder if I should set up a VPN connection? It seems quite 
> straight-forward to at the AWS site but may create some challenges at my 
> site. 
> >> 
> >> /gustav 
> >> 
> >> -----Oprindelig meddelelse----- 
> >> Fra: dba-SQLServer [mailto:dba-sqlserver-bounces at databaseadvisors.com] 
> >> På vegne af Mark Breen 
> >> Sendt: 30. marts 2015 11:31 
> >> Til: Discussion concerning MS SQL Server 
> >> Emne: Re: [dba-SQLServer] Schemas for separation of clients? 
> >> 
> >> Hello Gustav 
> >> 
> >> I have played with RDS but mostly I use ec2. For you I was suggesting 
> ec2 and SQL express. Then you can have multiple dB's. 
> >> 
> >> Mark 
> >> On 30 Mar 2015 16:28, "Gustav Brock" <gustav at cactus.dk> wrote: 
> >> 
> >>> Hi Mark 
> >>> 
> >>> Interesting. We've used AWS for years, but for storage only, so I was 
> >>> not up-to-date with their RDS offerings. It seems like it could be 
> >>> well suited for my purpose. 
> >>> 
> >>> I had to update our login options, and that seems for some reason to 
> >>> be a major task as they claim it can take up to 24 hours before 
> >>> settled - and until then no RDS service. I have to turn on some 
> patience ... 
> >>> 
> >>> /gustav 
> >>> 
> >>> -----Oprindelig meddelelse----- 
> >>> Fra: dba-SQLServer 
> >>> [mailto:dba-sqlserver-bounces at databaseadvisors.com] 
> >>> På vegne af Mark Breen 
> >>> Sendt: 30. marts 2015 05:46 
> >>> Til: Discussion concerning MS SQL Server 
> >>> Emne: Re: [dba-SQLServer] Schemas for separation of clients? 
> >>> 
> >>> Hello Gustav 
> >>> 
> >>> I have been using aws for two years now and love it. Amazon have 
> >>> some new micro machines (t2) that are really cheap and yet have some 
> power. 
> >>> Their costs are low enough yo consider for low budget projects yet 
> >>> offer all the quality of true best in class cloud. 
> >>> 
> >>> I usually do all my setting up on an enormous machine, then shutdown 
> >>> and switch to a micro instance and restart. That way I get to deal 
> >>> with great performance when in rdp and once I am done I pay pennies 
> per day. 
> >>> 
> >>> For me the absolute cost is secondary to the almost 100% likelihood 
> >>> my hardware will never fail. This reliability is what u am really 
> buying. 
> >>> 
> >>> As an aside, I have automated all my daily backups and transferred 
> >>> them all off machine to Amazon s3. 
> >>> 
> >>> Hth 
> >>> Mark 
> >>> On 30 Mar 2015 02:42, "Gustav Brock" <gustav at cactus.dk> wrote: 
> >>> 
> >>>> Hi Mark 
> >>>> 
> >>>> Good points. The added precautions and potential issues may very 
> >>>> well not be more "expensive" than the little money saved. 
> >>>> 
> >>>> /gustav 
> > 
> > _______________________________________________ 
> > dba-SQLServer mailing list 
> > dba-SQLServer at databaseadvisors.com 
> > http://databaseadvisors.com/mailman/listinfo/dba-sqlserver 
> > http://www.databaseadvisors.com 
> > 
> 
> _______________________________________________ 
> dba-SQLServer mailing list 
> dba-SQLServer at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/dba-sqlserver 
> http://www.databaseadvisors.com 
> 
> 
> _______________________________________________ 
> dba-SQLServer mailing list 
> dba-SQLServer at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/dba-sqlserver 
> http://www.databaseadvisors.com 
> 
> 
_______________________________________________ 
dba-SQLServer mailing list 
dba-SQLServer at databaseadvisors.com 
http://databaseadvisors.com/mailman/listinfo/dba-sqlserver 
http://www.databaseadvisors.com

More information about the dba-SQLServer mailing list