How to protect the connection over insecure networks (Internet)?
Firebird doesn't have anything built in for that. There is a discussion of possibility to use SSL, and perhaps it will be implemented in some future version. In the meantime, you can use some generic tunneling software like SSH, SSL or ZeBeDee.
1. Simple SSH example:
Here's an example how to run a simple SSH tunnel. Example assumes that you have an SSH account at the remote machine in the same network where Firebird server is running.
SSH account username: thomas
SSH account password: ******
SSH server IP address: 184.108.40.206
Firebird server IP address in local network: 192.168.0.22
Firebird server port (default): 3050
Local port: 3051 (if you have Firebird installed on your machine, you cannot use 3050, so we use 3051).
Create a tunnel:
ssh -L 3051:192.168.0.22:3050 firstname.lastname@example.org
Now you can connect from your application or administration tool to localhost/3051 and you'll get access to remote Firebird server.
If you wish to automate this, it is advisable to create a set of public/private keys and use that instead of password authentication.
2. Simple Zebedee example:
This example shows zebedee usage without private encryption keys. Such connection still uses encryption, but anyone is allowed to connect to zebedee server. This is similar to SSL: anyone can connect, but nobody can listen to the connection. We'll use the same setup as SSH example:
Start a zebedee server on 220.127.116.11, and point it to the Firebird server:
zebedee -s 192.168.0.22
This would forward all trafic. You can make advanced setup by editing the zebedee configuration file.
Now, create a tunnel on the client:
zebedee 18.104.22.168 3051:192.168.0.22:3050
That's all. Now you can connect from your application or administration tool to localhost/3051 and you'll get access to remote Firebird server.
For detailed instructions on zebedee setup, read the following paper by Artur Anjos:
3. SSL (stunnel) instructions are explained in detail here: