Solved

MySql client tunnel through intermediate host

Posted on 2014-02-24
5
79 Views
Last Modified: 2016-06-03
Situation:

Hosts A,B,C

Host A is where my MySql client resides. Host C is the MySql server. Host B is a host to which i have ssh access, which has the benefit of a fixed IP, which is not the case with host A. I'd like only one host to be permitted remote MySql access to C, namely A. I was rather hoping this could be made possible by tunneling through B. Is it? I want to be able to query C from A.

Host B does not have a MySql client and i really need it to stay that way.
0
Comment
Question by:CEHJ
  • 2
  • 2
5 Comments
 
LVL 28

Accepted Solution

by:
serialband earned 350 total points
ID: 39884272
You should be able to use ssh on Host B to map the remote port of host C to the local port on Host B.

ssh -T -N -L 3306:localhost:3306 Host_C

You could also remap the port on Host B to another port.
ssh -T -N -L 3307:localhost:3306 Host_C


You might even want to run another tunnel from your system, Host A, to Host B to keep the traffic encrypted.

ssh -T -N -L 3308:localhost:3307 Host_B

Then you just connect you MySQL cilent to port 3308 on your local system.   I used different ports to show you how to set it up.
0
 
LVL 86

Author Comment

by:CEHJ
ID: 39884311
Thanks - that's interesting. Normally B's firewall is very tight. Is it the case that since we're tunneling through ssh, B:3306 is not going to have a firewall problem for me connecting from A?
0
 
LVL 28

Expert Comment

by:serialband
ID: 39884756
What ports are open on B?  You can remap that port to anything.
0
 
LVL 86

Author Comment

by:CEHJ
ID: 39885139
From memory, 53, 139 & 22
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question