• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1961
  • Last Modified:

Setup SSH Tunnel using OpenSSH for Windows

I have been trying to establish a MySQL connection through SSH without luck.

Server has OpenSSH for Windows installed and setup with two users Administrator and ssh_user with a group and passwd file setup in the C:\OpenSSH\etc folder.

I open a command window and type "net start opensshd" and openssh starts as a service. I've verified this by looking at it "started" in the services window.

Now I go to my development machine and open another command window and type
"plink -v -ssh -l ssh_user -pw 1234 -L 3306:localhost:3306 192.168.100.151"

It runs and says it "Opened channel for session", "Local port 3306 forwarding to localhost:3306"

Things are not working though. I've setup the built in firewall on Windows 2003 Server and blocked everything except port 22 (SSH). Shouldn't port 3306 now be going through 22 on the server and SSH server talking back with 3306?

Is there something else I need to do to setup on the server? Seems like I need to setup a tunnel on the server but all the articles I can find on google are not that helpful.

I've already got and installed OpenSSH for Windows, PuTTY, and pLink downloaded.

I want to establish a Secure Tunnel between the Server and my workstation for port 3306.
0
brian2k1
Asked:
brian2k1
1 Solution
 
brian2k1Author Commented:
Update: DUH!

Well you stay up long enough and enlightenment is bound to happen.

When I was trying to connect to MySQL on the server through the SSH tunnel I was still trying to connect to 192.168.100.151. When I finally realized I needed to go to 127.0.0.1. When I did that it worked as expected. And I verified the encrypted connected using the Windows built in Network Monitor.

Going through 192.168.100.151:3306 you could clearly see the username supplied for connection and read the query sent to mysql "SHOW VARIABLES LIKE 'have_openssl'"

Going through 127.0.01:3307 you could not see anything in plain text.

Anyone who can provide GOOD reference links to MySQL replication setup or SSH on Windows will get the points.
0
 
tmehmetCommented:

ssh for windows - tools, setup, admin type info and resources

http://www.windowsecurity.com/articles/SSH_Using_Secure_Shell_for_Windows_.html

    * OpenSSH Windows/Mac page: http://www.openssh.com/windows.html
    * PuTTY, pscp and related tools: http://www.chiark.greenend.org.uk/~sgtatham/putty/
    * Configuring PuTTY: http://www.jfitz.com/tips/putty_config.html
    * WinSCP: http://winscp.sourceforge.net/eng/
    * Tera Term Pro: http://hp.vector.co.jp/authors/VA002416/teraterm.html
    * TTSSH, (Tera Term Pro SSH extension): http://www.zip.com.au/~roca/ttssh.html
    * Cygwin: http://www.cygwin.com/
    * XFree86 for Cygwin: http://cygwin.com/xfree/
    * KDE for Cygwin: http://kde-cygwin.sourceforge.net/
    * Gnome for Cygwin: http://cygnome.sourceforge.net/
    * Configuring Cygwin's SSH server: http://tech.erdelynet.com/cygwin-sshd.asp
    * Network Simplicity's SSH server: http://sshwindows.sourceforge.net/
    * Minimal SSH server installation: http://www.certaintysolutions.com/tech-advice/ssh_on_nt.html
    * ssh tunnelfor vnc: http://pigtail.net/LRP/vnc/


Commercial windows ssh tools;

http://www.bitvise.com/winsshd.html
http://www.foxitsoftware.com/wac/server_intro.php
http://www.ssh.com/products/tectia/
http://www.goodtechsys.com/sshdnt2000.asp
http://www.vandyke.com/products/vshell/index.html?source=google&campaign=7&creative=1

MySQL & SSH from windows

http://dev.mysql.com/doc/mysql/en/windows-and-ssh.html
http://www.vbmysql.com/articles/ssh-tunnel-part2.html
http://netmirror.org/mirror/mysql.com/tech-resources/articles/securing_mysql_windows.html





0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now