Tue Jan 11 15:39:33 PST 2005
sarlav kumar wrote:

> Hi All,
>
> I read in some documentation that for the replication to be secure,
> the network on which the slony cluster is defined should be secure by
> itself. And if one of the nodes is on a host which cannot be
> considered secure, the whole cluster is vulnerable.
>
> Sorry if these are simple questions. Assuming the network is secure,
> is there any way to secure the raw data communication between the
> nodes? Is there any security mechanism implemented in slony in these
> lines, like for instance encrypting the data that is replicated? Is it
> possible to replicate over SSL?

Actually, the big issue is the assumption that "the network is secure." If it is secure, then there is little need for additional mechanisms. If it is not secure, then you are in big trouble.

Slony-I does not introduce any new components or methods to complicate security mechanisms, as all it does is to use plain old PostgreSQL database connections.

- Since PostgreSQL supports SSL connections, you can use them, if you like.
- It is even possible to use SSH tunnels as a further mechanism, completely transparently to Slony-I.

Thus, the way to think about security mostly involves thinking about how you would keep PostgreSQL access secure irrespective of the presence of Slony-I. None of the mechanisms you might use are specific to Slony-I.
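
Added example, not part of the original message and not Slony-I code: since the replication links are ordinary libpq connections, a slonik script can be audited for conninfo strings that do not force SSL. The cluster name, hostnames, port and the `audit` helper are constructed for illustration; the parser assumes simple unquoted keyword=value pairs.

```python
import re

# Constructed sample slonik script (names and hosts are placeholders).
SAMPLE_SLONIK = """
cluster name = demo;
node 1 admin conninfo = 'dbname=app host=db1.example.net user=slony sslmode=require';
node 2 admin conninfo = 'dbname=app host=db2.example.net user=slony';
store path (server = 1, client = 2,
            conninfo = 'dbname=app host=db1.example.net user=slony sslmode=prefer');
store path (server = 2, client = 1,
            conninfo = 'dbname=app host=localhost port=5433 user=slony');
"""

# libpq sslmode values that refuse to fall back to a cleartext connection.
ENFORCING = {"require", "verify-ca", "verify-full"}
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

CONNINFO_RE = re.compile(r"conninfo\s*=\s*'([^']*)'", re.IGNORECASE)
KEYVAL_RE = re.compile(r"(\w+)\s*=\s*(\S+)")

def parse_conninfo(conninfo):
    """Split a simple keyword=value libpq string (no quoted values) into a dict."""
    return {k.lower(): v for k, v in KEYVAL_RE.findall(conninfo)}

def audit(script):
    """Return (conninfo, verdict) for every conninfo string in a slonik script."""
    findings = []
    for conninfo in CONNINFO_RE.findall(script):
        params = parse_conninfo(conninfo)
        host = params.get("host", "")
        mode = params.get("sslmode")
        if mode in ENFORCING:
            verdict = "ok: TLS enforced"
        elif host in LOCAL_HOSTS or host.startswith("/") or not host:
            # Local endpoint: either same-host traffic or the near end of an SSH tunnel.
            verdict = "check: local endpoint, confirm it is an SSH tunnel or same host"
        elif mode is None:
            verdict = "weak: sslmode not set, libpq default may allow cleartext"
        else:
            verdict = f"weak: sslmode={mode} does not enforce TLS"
        findings.append((conninfo, verdict))
    return findings

if __name__ == "__main__":
    for conninfo, verdict in audit(SAMPLE_SLONIK):
        print(f"{verdict:65} <- {conninfo}")
```

The server side still has to be configured separately: an enforcing `sslmode` on the client only helps if PostgreSQL itself has SSL enabled.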