List:General Discussion« Previous MessageNext Message »
From:BJ Swope Date:May 7 2007 5:19pm
Subject:Re: secure port 3306
View as plain text  
On 5/7/07, Steven Buehler <steve@stripped> wrote:
>         Thank You so much.  I will have to try this later today.  I have
> never done a port forward in iptables before.  I knew that I could, but
> just
> never had a need or tried so it slipped my mind about this.
>         The thing is...I need to securely do this.  Here would be the
> setup
> Desktop -> Secure connection to Server 1 -> Secure connection to Server 2.
> So I am assuming that what I need to do is to have the Desktop SSH into
> Server 1 which will have the iptables setup to tunnel to Server 2 and then
> use a tunnel from Secure CRT (or putty) to tunnel all the way to Server 2
> through Server 1?  Server one can only be accessed with SSH from Server 1.
> Again, Thank You.
> Steve

You can forward a port on your local computer, through server1 to server2
using ssh tunnelling.

ssh -L 3306:server2_ip_address:3306  user@stripped

now you can point your sql client to localhost 3306 and it will then be
transported across your ssh session to server1.  Once it gets to server1
then server1 will forward that traffic to server2 on port 3306.

putty, a well known windows based ssh client can do this under Connection >
SSH > Tunnels.

Source Port is the Port on the local machine that will be forwarded across
the ssh connection.
Destination is the IP:Port to where the tunneled traffic is delivered.
Choose "Local" as the type of tunnel and do not forget to click the "Add"
button to add the tunnel to the ssh connection you are configuring.

secure port 3306Steven Buehler2 May
  • RE: secure port 3306Jay Blanchard2 May
  • Re: secure port 3306Mogens Melander2 May
  • RE: secure port 3306Steven Buehler4 May
RE: secure port 3306Steven Buehler7 May
  • Re: secure port 3306BJ Swope7 May
  • RE: secure port 3306Mogens Melander7 May
    • RE: secure port 3306Steven Buehler7 May
      • RE: secure port 3306Mogens Melander7 May