Did you try telnet to it. Maybe it is from MySQL permissions? Also, try localhost instead of hermes. ssh -L 13306:localhost:3306 bender.sistina.com mysql -h localhost -P 13306 -u$USERNAME --p$PASSWORD Tom Veldhouse veldy at veldy.net ----- Original Message ----- From: "Ben Lutgens" <blutgens at sistina.com> To: <tclug-list at mn-linux.org> Sent: Thursday, March 08, 2001 4:33 PM Subject: Re: [TCLUG] tuneling mysql though ssh On Thu, Mar 08, 2001 at 03:51:55PM -0600, Thomas T. Veldhouse wrote: >I may miss what you are doing (I use the SSH2 client from ssh.com). > >But I think you want: > >ssh -L 13306:hermes.sistina.com:3306 bender.sistina.com >mysql -h hermes.sistina.com -P 13306 -u$USERNAME --p$PASSWORD I did this exactly as above and still get ERROR 2203: Coan't connect to MySQL server on 'hermes.sistina.com' (111) Also when I do it this way with (for example) ftp ports I can't connect at all. I am pretty sure the first part is localport:remotehost:remoteport > >Is there any reason you can't just use 3306 on hermes as well? So ... > >ssh -L 3306:hermes.sistina.com:3306 bender.sistina.com >mysql -h hermes.sistina.com -u$USERNAME --p$PASSWORD > > >Tom Veldhouse >veldy at veldy.net > >----- Original Message ----- >From: "Ben Lutgens" <blutgens at sistina.com> >To: <tclug-list at mn-linux.org> >Sent: Thursday, March 08, 2001 3:00 PM >Subject: [TCLUG] tuneling mysql though ssh > >Hi all, we wanna secure the way our webserver talks to our database. We'd >like >for all mysql work to be done though an ssh tunnel. I found very little >documentaion on this save a few mailing list posts. Essentially here's what >I >am doing. > >1.)in one terminal from hermes.sistina.com >ssh -L 13306:bender.sistina.com:3306 bender.sistina.com sleep 20 > >2.) then from a nother shell on the same machine >mysql -h hermes.sistina.com -P 13306 -u$USERNAME --p$PASSWORD > >I have tried the tunnel with ftp, telnet, and I get my mail from my imap >server this way with fetchmail but for some reason I get >ERROR 2003: Can't connect to mysql server on 'hermes' (111) > >It's my understanding that with the ssh command above anything trying to >connect to port 13306 on the local machine is tranparently pushed though the >tunnel to the port on the other end (in this case 3306 the default mysql >port) > >When I do this with ftp, I can connect, login and all is well. But I get >illegal port command errors. My research has told me that wu-ftpd don't like >when you tunnel to it. > >Has anyone done this before? Is there a better way to secure database >transactions? > > >_______________________________________________ >tclug-list mailing list >tclug-list at mn-linux.org >https://mailman.mn-linux.org/mailman/listinfo/tclug-list -- Ben Lutgens cell: 612.670.4789 Sistina Software Inc. worl: 612.379.3951 Code Monkey Support (A.K.A. System Administrator) "It's hard to believe that's the same frail woman who once sprained her wrist from having too much dip on a cracker!" -- Frazier Crane