Comments (4)
Summit is designed to be accessed by trusted clients inside trusted environments. If there's access to the ip/port, then there's full access to the database. This would be a problem if you have an open network.
For EC2 you'll need to configure a security group to create a virtual firewall to put the Summit instances behind.
Another option that I haven't tried is to use spiped or stunnel in front of the Summit. This is how some people secure their Redis servers.
I may add some type of authentication or encryption in the future.
from summitdb.
Thanks for clarifying; it makes sense to me that not all users will need security; if you are already behind a webserver for instance.
I wrote a Go library to do direct ssh tunneling https://github.com/glycerine/sshego. This is similar to stunnel, but all in a Go library, so one doesn't need a separate process. If you're interested in having ssh as a security option, I may be able to do a PR.
from summitdb.
👍 This is definitely interesting to me. Along with SummitDB, I have another project that this might find this useful. I'll look into it some more and let you know.
from summitdb.
After looking at the redcon code, I added unixdomain socket support to sshego so as to minimize the needed code changes. This should make tunneling over a ssh pretty trivial configuration change. (Moreover it turns out unixdomain socket support is even standard in openssh after version 6.7, so one may not even need a new firewall rule/just reuse port 22 if the sshd is new enough.)
from summitdb.
Related Issues (20)
- Q: read the last FENCE token without incrementing? HOT 1
- missing server means new leader complains forever; needs to avoid spamming its logs HOT 2
- Q: transactions or pipelined commands? HOT 3
- can't create cluster over localhost:7777 tunneled connection HOT 5
- Unable to join cluster HOT 9
- Is it (already) possible to retrieve a list of all the peers for a cluster? HOT 5
- Getting Started - FreeBSD Incorrect Download Path HOT 6
- support for list data structure HOT 3
- Can't join cluster: "peer already known" HOT 2
- how to implement distributed lock with fencing tokens? HOT 1
- Kubernetes Statefulset
- Will you support authentication and TLS? HOT 1
- active project? HOT 1
- FYI: works fine on AArch64... HOT 1
- Q: SummitDB as embedded DB? HOT 1
- Question: what happened when out of memory? HOT 2
- Is it neccessary to open buntdb in file mode? HOT 3
- What happend when a command is committed but has errors when apply it? HOT 3
- The raft.db will grow unlimitedly? HOT 1
- Docs mention Lua eventhough Javascript is used
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from summitdb.