Home Explore Blog CI



postgresql
39th chunk of `doc/src/sgml/runtime.sgml`
5b74dca8109aa356636bd1812cc2cb31323d5b9e6fd0ab210000000100000c1b
 server.  This should not pose any
   extra security risk because they are on the same machine.
  </para>

  <para>
   In order for the
   tunnel setup to succeed you must be allowed to connect via
   <command>ssh</command> as <literal>joe@foo.com</literal>, just
   as if you had attempted to use <command>ssh</command> to create a
   terminal session.
  </para>

  <para>
   You could also have set up port forwarding as
<programlisting>
ssh -L 63333:foo.com:5432 joe@foo.com
</programlisting>
   but then the database server will see the connection as coming in
   on its <literal>foo.com</literal> bind address, which is not opened by
   the default setting <literal>listen_addresses =
   'localhost'</literal>.  This is usually not what you want.
  </para>

  <para>
   If you have to <quote>hop</quote> to the database server via some
   login host, one possible setup could look like this:
<programlisting>
ssh -L 63333:db.foo.com:5432 joe@shell.foo.com
</programlisting>
   Note that this way the connection
   from <literal>shell.foo.com</literal>
   to <literal>db.foo.com</literal> will not be encrypted by the SSH
   tunnel.
   SSH offers quite a few configuration possibilities when the network
   is restricted in various ways.  Please refer to the SSH
   documentation for details.
  </para>

  <tip>
   <para>
    Several other applications exist that can provide secure tunnels using
    a procedure similar in concept to the one just described.
   </para>
  </tip>

 </sect1>

 <sect1 id="event-log-registration">
  <title>Registering <application>Event Log</application> on <systemitem
  class="osname">Windows</systemitem></title>

  <indexterm zone="event-log-registration">
   <primary>event log</primary>
   <secondary>event log</secondary>
  </indexterm>

  <para>
   To register a <systemitem class="osname">Windows</systemitem>
   <application>event log</application> library with the operating system,
   issue this command:
<screen>
<userinput>regsvr32 <replaceable>pgsql_library_directory</replaceable>/pgevent.dll</userinput>
</screen>
   This creates registry entries used by the event viewer, under the default
   event source named <literal>PostgreSQL</literal>.
  </para>

  <para>
   To specify a different event source name (see
   <xref linkend="guc-event-source"/>), use the <literal>/n</literal>
   and <literal>/i</literal> options:
<screen>
<userinput>regsvr32 /n /i:<replaceable>event_source_name</replaceable> <replaceable>pgsql_library_directory</replaceable>/pgevent.dll</userinput>
</screen>
  </para>

  <para>
   To unregister the <application>event log</application> library from
   the operating system, issue this command:
<screen>
<userinput>regsvr32 /u [/i:<replaceable>event_source_name</replaceable>] <replaceable>pgsql_library_directory</replaceable>/pgevent.dll</userinput>
</screen>
  </para>

  <note>
   <para>
    To enable event logging in the database server, modify
    <xref linkend="guc-log-destination"/> to include
    <literal>eventlog</literal> in <filename>postgresql.conf</filename>.
   </para>
  </note>
 </sect1>

</chapter>
Title: Registering Event Log on Windows and SSH Tunnel Configuration
Summary
This section covers two topics: registering the Event Log library on Windows for use with PostgreSQL, including commands for registration, specification of event source names, and unregistration, as well as a note on enabling event logging; and configuring SSH tunnels for secure connections to the database server, including setup possibilities and considerations for network restrictions.