Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Is MySQL CLI secure

Posted on 2011-09-30
1
Medium Priority
?
221 Views
Last Modified: 2012-06-21
Good afternoon,
Ive usually done all my queries on my remote MySQL server  by using the MySQL CLI on my PC, however it occurs to me that it isnt secure. After a quick search on google Im stil not sure. Does anyone have any comments either way?

Thank you
0
Comment
Question by:tonelm54
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 23

Accepted Solution

by:
nemws1 earned 2000 total points
ID: 36892732
Yes, MySQL connections are not secure.  Do you have SSH access to your server?  If so, you can create a secure tunnel using something like (this is on your client):

   ssh -L 3306:localhost:3306 server.whatever.com

Then just run 'mysql' and connect to '127.0.0.1' (Note: if you try to connect to the 'localhost' name here, it won't work, as mysql will assume you're running with a named socket on your local machine and try to connect to that, but that's not what you want)

On MySQL on the server, make sure you have access from your username and host "localhost" (the MySQL server will think you're connecting from the localhost when doing this).

You can easily use PuTTy as well for this, just go to Connection -> SSH -> Tunnels and add 3306 in "Source port" and "localhost:3306" in Destination and click Add.


If you don't have SSH access to this host (or any other hosts that might be on a secured network with it), then I don't think you can easily secure the connection.


Here are some other sites that perhaps have explained this better than I have:
  http://www.whoopis.com/howtos/mysql_ssh_howto.html
  http://kb.mediatemple.net/questions/133/Tunnel+local+MySQL+server+through+SSH
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is intended for those who are new to PHP error handling (https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html).  It addresses one of the most common problems that plague beginning PHP develop…
This post looks at MongoDB and MySQL, and covers high-level MongoDB strengths, weaknesses, features, and uses from the perspective of an SQL user.
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question