Forum OpenACS Q&A: Response to How to install postgresql on another machine?

Posted by David Walker on
If you truely want to do what you described here is the way I do it. Using ssl is probably simpler but I haven't done it and can't tell you how and ssh is nice because it requires one more layer of security.

Add this line to your /etc/inittab
tw01:345:respawn:/usr/bin/ssh -2 -e none -p 22 -c blowfish -L 5432: nonrootaccount@db_machine

If you haven't already, generate your ssh2 key using ssh-keygen -d
Put the ssh2 (/root/.ssh/ public key for your root account of the web server in /home/nonrootaccount/.ssh/authorized_keys2 on the database server
"init q" will cause your machine to reread /etc/inittab and, if everything works, will start forwarding port 5432 of to your database server over the encrypted ssh link

Change the DataSource line to use an IP instead of "localhost". The driver connects on Unix sockets for the name "localhost" and uses tcpip for anything else.
ns_param DataSource