How do you guys secure phpMyAdmin? The folks in my office aren't comfortable with ssh+command line interface to mysql and I'm not comfortable passing what amounts to an administrator password plaintext.

Two things I"ve come up with:
1) Run phpMyAdmin on ssl (doesn't take care of the phpMyAdmin config script passing plaintext admin pw, but helps avoid sniffing)
2) Run phpMyAdmin on an internal machine and somehow tell the mysql box to not accept phpmyadmin connections from anywhere but the internal IP.

Please help...