Remote port tunnelling with SSH

156

Hi there, here’s a quick blog about SSH port forwarding, let’s describe the scenario with an example, of course port forwarding may be applied to everythin, not only to mysql as reported in the sample

 

Assume you’ve a remote host with MySQL server installed and running, of course for security reasons you’ve forbidden TCP connections from every machine except localhost, or at least this is how I usually configure my services. Your Python, PHP, Java apps and even CLI apps are happy with it, they can access mysql backend by connecting to localhost on 3306 port.

For security reasons when you’re inside the mysql server you can connect to my by using:
myserver:~$ mysql –host=127.0.0.1 –user= –password=
pretty safe and good, I usually configure MySQL in this way:
myserver:~$ cat /etc/mysql/my.cnf|grep “bind-address”
bind-address = 127.0.0.1

so far, everything is perfect now but if you need to manage your remote db with MySQL Administrator or with your preferred tool how can you connect to this machine ? Easy, let’s forward remote 3306 port to local 3306 or other port if needed, then you can connect to localhost and use the SSH tunnel in between. from your local machine:
localmachine:~$ ssh -l -L 3306:localhost:3306
So you open an ssh console to your machine from your localhost, with the connection you ask remote to port forward its 3306 port to your local 3306.
Now try to open your remote db from localhost, so if you use mysql command line utility you need to type:
localmachine:~$ mysql –host=127.0.0.1 –user= –password=
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 254
Server version: 5.0.51a-24 (Debian)

Type ‘help;’ or ‘h’ for help. Type ‘c’ to clear the buffer.

mysql>

And that’s it !

Obviously you can even use your favorite admin tool, not only mysql cli

 

Pretty easy and quick

Hope it helps someone

Ben