brian2k1
asked on
Setup SSH Tunnel using OpenSSH for Windows
I have been trying to establish a MySQL connection through SSH without luck.
Server has OpenSSH for Windows installed and setup with two users Administrator and ssh_user with a group and passwd file setup in the C:\OpenSSH\etc folder.
I open a command window and type "net start opensshd" and openssh starts as a service. I've verified this by looking at it "started" in the services window.
Now I go to my development machine and open another command window and type
"plink -v -ssh -l ssh_user -pw 1234 -L 3306:localhost:3306 192.168.100.151"
It runs and says it "Opened channel for session", "Local port 3306 forwarding to localhost:3306"
Things are not working though. I've setup the built in firewall on Windows 2003 Server and blocked everything except port 22 (SSH). Shouldn't port 3306 now be going through 22 on the server and SSH server talking back with 3306?
Is there something else I need to do to setup on the server? Seems like I need to setup a tunnel on the server but all the articles I can find on google are not that helpful.
I've already got and installed OpenSSH for Windows, PuTTY, and pLink downloaded.
I want to establish a Secure Tunnel between the Server and my workstation for port 3306.
Server has OpenSSH for Windows installed and setup with two users Administrator and ssh_user with a group and passwd file setup in the C:\OpenSSH\etc folder.
I open a command window and type "net start opensshd" and openssh starts as a service. I've verified this by looking at it "started" in the services window.
Now I go to my development machine and open another command window and type
"plink -v -ssh -l ssh_user -pw 1234 -L 3306:localhost:3306 192.168.100.151"
It runs and says it "Opened channel for session", "Local port 3306 forwarding to localhost:3306"
Things are not working though. I've setup the built in firewall on Windows 2003 Server and blocked everything except port 22 (SSH). Shouldn't port 3306 now be going through 22 on the server and SSH server talking back with 3306?
Is there something else I need to do to setup on the server? Seems like I need to setup a tunnel on the server but all the articles I can find on google are not that helpful.
I've already got and installed OpenSSH for Windows, PuTTY, and pLink downloaded.
I want to establish a Secure Tunnel between the Server and my workstation for port 3306.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Well you stay up long enough and enlightenment is bound to happen.
When I was trying to connect to MySQL on the server through the SSH tunnel I was still trying to connect to 192.168.100.151. When I finally realized I needed to go to 127.0.0.1. When I did that it worked as expected. And I verified the encrypted connected using the Windows built in Network Monitor.
Going through 192.168.100.151:3306 you could clearly see the username supplied for connection and read the query sent to mysql "SHOW VARIABLES LIKE 'have_openssl'"
Going through 127.0.01:3307 you could not see anything in plain text.
Anyone who can provide GOOD reference links to MySQL replication setup or SSH on Windows will get the points.