MySQL Encryption

Alan M Dunsmuir wrote:

I'm writing a Web application using PHP5 connecting to a MySQL database.

I've told the client's application administrator to look after back-ups
of the database by using the "Export" option in phpMyAdmin to
automatically copy the database contents (recorded as SQL statements) to
his desktop.

Is there some way I can include encryption in this download process?
(And equivalently, decryption should he need to restore the database
from a backed up copy?) He is running a Windows machine, so for him to
do this locally, as a separate step, would require the use of some
Windows encryption code, and would risk his leaving a open text version
of the database on his desktop for anybody to see.

This is not really a PHP question, but there are a few ways to get to a
database hosted on a web server or separate dedicated database server.

For a web server, phpMyAdmin is a possibility. To do this safely over
the big bad internet, run it on https. (you can use a self-signed
certificate and give your own root certificate to the client if you do
not want to spend money on a web certificate).

Or, you can tunnel port 3306 (or whatever port MySQL is serving) to your
local PC using an SSH tunnel. PuTTY is a good SSH client. If you
restrict SSH access to just a few known IP addresses, you can build a
pretty secure maintenance facility. One advantage of tunneling is that
your client can use any database front-end program he likes. There are
even database front-end programs that have SSH tunneling support built-in.

Best regards.

Alan M Dunsmuir wrote:

I'm writing a Web application using PHP5 connecting to a MySQL database.

I've told the client's application administrator to look after back-ups
of the database by using the "Export" option in phpMyAdmin to
automatically copy the database contents (recorded as SQL statements) to
his desktop.

Is there some way I can include encryption in this download process?
(And equivalently, decryption should he need to restore the database
from a backed up copy?) He is running a Windows machine, so for him to
do this locally, as a separate step, would require the use of some
Windows encryption code, and would risk his leaving a open text version
of the database on his desktop for anybody to see.

Try comp.databases.mysql for your mysql questions. This is a PHP newsgroup.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Jerry Stuckle wrote:

>
Try comp.databases.mysql for your mysql questions. This is a PHP
newsgroup.

No. It is actually a question about phpMyAdmin.

Alan M Dunsmuir wrote:

Jerry Stuckle wrote:

>>
Try comp.databases.mysql for your mysql questions. This is a PHP
newsgroup.

No. It is actually a question about phpMyAdmin.

In that case, he should be asking in the phpMyAdmin support forums, not
here.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Alan M Dunsmuir wrote:

Jerry Stuckle wrote:

>>
Try comp.databases.mysql for your mysql questions. This is a PHP
newsgroup.

No. It is actually a question about phpMyAdmin.

Sorry - tried to go back to edit and hit send instead...

If you're asking about phpMyAdmin, you should be asking the phpMyAdmin
support people. This is not a product support forum for anything which
just happens to be written in PHP.

I recommended comp.databases.mysql because export is a MySQL operation,
and you might be able to get some help there.

But this is not the correct forum to be asking your question.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

On Jul 5, 12:14 pm, Alan M Dunsmuir <a...@moonrake.demon.co.ukwrote:

I'm writing a Web application using PHP5 connecting to a MySQL database.

I've told the client's application administrator to look after back-ups
of the database by using the "Export" option in phpMyAdmin to
automatically copy the database contents (recorded as SQL statements) to
his desktop.

Is there some way I can include encryption in this download process?
(And equivalently, decryption should he need to restore the database
from a backed up copy?) He is running a Windows machine, so for him to
do this locally, as a separate step, would require the use of some
Windows encryption code, and would risk his leaving a open text version
of the database on his desktop for anybody to see.

You can use PHP, with it's mcrypt-crypto functions, see http://www.php.net
for details...There are a lot of open-source solutions for simple file
encryption ;)

OR

You can pay for other encryption-decryption software.

On Jul 5, 12:14 pm, Alan M Dunsmuir <a...@moonrake.demon.co.ukwrote:

I'm writing a Web application using PHP5 connecting to a MySQL database.

I've told the client's application administrator to look after back-ups
of the database by using the "Export" option in phpMyAdmin to
automatically copy the database contents (recorded as SQL statements) to
his desktop.

Is there some way I can include encryption in this download process?
(And equivalently, decryption should he need to restore the database
from a backed up copy?) He is running a Windows machine, so for him to
do this locally, as a separate step, would require the use of some
Windows encryption code, and would risk his leaving a open text version
of the database on his desktop for anybody to see.

Here is my simple mcrypt training script works on Linux PHP-5.2.6-26
a konsole program by the way.. You need libmcrypt-2.5.8 and PHP-5.2.6
compiled with mcrypt support.

<?php
// Boris The Scripter =) 2008 Licence:GPL-2
// usage: php fubar.php <key[-e/-d] <filename>

if($argc <= 4 && is_file($argv[3]))
{
$input_file_addr = $argv[3];
$input = file_get_contents($input_file_addr);
$key = $argv[1];
if($argv[2] == "-e")
{
$encrypted_data = @mcrypt_ecb(MCRYPT_RIJNDAEL_256, $key, $input,
MCRYPT_ENCRYPT);
//echo $encrypted_data . "\n";
$fp = fopen($input_file_addr,"w");
fwrite($fp,$encrypted_data);
fclose($fp);
}
else if($argv[2] == "-d")
{
$encrypted_data = @mcrypt_ecb(MCRYPT_RIJNDAEL_256, $key, $input,
MCRYPT_DECRYPT);
//echo $encrypted_data . "\n";
$fp = fopen($input_file_addr,"w");
fwrite($fp,$encrypted_data);
fclose($fp);
}
}
else echo "Program made a boo boo!\n";

?>