On Thu, Mar 08, 2001 at 03:44:45PM -0600, Thomas T. Veldhouse wrote:
>MySQL will get the servername of where ever sshd is running.  I do this all
>the time -- allows me a local ODBC connection accross ssh to MySQL running
>on a different firewalled machine.

o.k. so what mysql command do you use?

>
>Tom Veldhouse
>veldy at veldy.net
>
>----- Original Message -----
>From: "Troy Johnson" <Troy.A.Johnson at state.mn.us>
>To: <tclug-list at mn-linux.org>
>Sent: Thursday, March 08, 2001 3:41 PM
>Subject: Re: [TCLUG] tuneling mysql though ssh
>
>
>> Have you used the IP address of hermes in the command line to 'mysql'?
>MySQL may be getting confused with the server name it is being handed. Just
>a guess.
>>
>> With ftp, have you forwarded ports 20 and 21? Have you tried setting your
>client to passive mode using just port 21?
>>
>>
>> >>> blutgens at sistina.com 03/08/01 03:00PM >>>
>> Hi all, we wanna secure the way our webserver talks to our database. We'd
>like
>> for all mysql work to be done though an ssh tunnel. I found very little
>> documentaion on this save a few mailing list posts. Essentially here's
>what I
>> am doing.
>>
>> 1.)in one terminal from hermes.sistina.com
>> ssh -L 13306:bender.sistina.com:3306 bender.sistina.com sleep 20
>>
>> 2.) then from a nother shell on the same machine
>> mysql -h hermes.sistina.com -P 13306 -u$USERNAME --p$PASSWORD
>>
>> I have tried the tunnel with ftp, telnet, and I get my mail from my imap
>> server this way with fetchmail but for some reason I get
>> ERROR 2003: Can't connect to mysql server on 'hermes' (111)
>>
>> It's my understanding that with the ssh command above anything trying to
>> connect to port 13306 on the local machine is tranparently pushed though
>the
>> tunnel to the port on the other end (in this case 3306 the default mysql
>port)
>>
>> When I do this with ftp, I can connect, login and all is well. But I get
>> illegal port command errors. My research has told me that wu-ftpd don't
>like
>> when you tunnel to it.
>>
>> Has anyone done this before? Is there a better way to secure database
>> transactions?
>> --
>> Ben Lutgens cell: 612.670.4789
>> Sistina Software Inc. worl: 612.379.3951
>> Code Monkey Support (A.K.A. System Administrator)
>>
>> "It's hard to believe that's the same frail woman who once sprained her
>wrist
>> from having too much dip on a cracker!" -- Frazier Crane
>>
>> _______________________________________________
>> tclug-list mailing list
>> tclug-list at mn-linux.org
>> https://mailman.mn-linux.org/mailman/listinfo/tclug-list
>>
>
>_______________________________________________
>tclug-list mailing list
>tclug-list at mn-linux.org
>https://mailman.mn-linux.org/mailman/listinfo/tclug-list

-- 
Ben Lutgens		cell: 612.670.4789
Sistina Software Inc.	worl: 612.379.3951
Code Monkey Support (A.K.A. System Administrator)

"It's hard to believe that's the same frail woman who once sprained her wrist
from having too much dip on a cracker!" -- Frazier Crane
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010308/afc7401e/attachment.pgp