On Thu, Mar 08, 2001 at 03:44:45PM -0600, Thomas T. Veldhouse wrote: >MySQL will get the servername of where ever sshd is running. I do this all >the time -- allows me a local ODBC connection accross ssh to MySQL running >on a different firewalled machine. o.k. so what mysql command do you use? > >Tom Veldhouse >veldy at veldy.net > >----- Original Message ----- >From: "Troy Johnson" <Troy.A.Johnson at state.mn.us> >To: <tclug-list at mn-linux.org> >Sent: Thursday, March 08, 2001 3:41 PM >Subject: Re: [TCLUG] tuneling mysql though ssh > > >> Have you used the IP address of hermes in the command line to 'mysql'? >MySQL may be getting confused with the server name it is being handed. Just >a guess. >> >> With ftp, have you forwarded ports 20 and 21? Have you tried setting your >client to passive mode using just port 21? >> >> >> >>> blutgens at sistina.com 03/08/01 03:00PM >>> >> Hi all, we wanna secure the way our webserver talks to our database. We'd >like >> for all mysql work to be done though an ssh tunnel. I found very little >> documentaion on this save a few mailing list posts. Essentially here's >what I >> am doing. >> >> 1.)in one terminal from hermes.sistina.com >> ssh -L 13306:bender.sistina.com:3306 bender.sistina.com sleep 20 >> >> 2.) then from a nother shell on the same machine >> mysql -h hermes.sistina.com -P 13306 -u$USERNAME --p$PASSWORD >> >> I have tried the tunnel with ftp, telnet, and I get my mail from my imap >> server this way with fetchmail but for some reason I get >> ERROR 2003: Can't connect to mysql server on 'hermes' (111) >> >> It's my understanding that with the ssh command above anything trying to >> connect to port 13306 on the local machine is tranparently pushed though >the >> tunnel to the port on the other end (in this case 3306 the default mysql >port) >> >> When I do this with ftp, I can connect, login and all is well. But I get >> illegal port command errors. My research has told me that wu-ftpd don't >like >> when you tunnel to it. >> >> Has anyone done this before? Is there a better way to secure database >> transactions? >> -- >> Ben Lutgens cell: 612.670.4789 >> Sistina Software Inc. worl: 612.379.3951 >> Code Monkey Support (A.K.A. System Administrator) >> >> "It's hard to believe that's the same frail woman who once sprained her >wrist >> from having too much dip on a cracker!" -- Frazier Crane >> >> _______________________________________________ >> tclug-list mailing list >> tclug-list at mn-linux.org >> https://mailman.mn-linux.org/mailman/listinfo/tclug-list >> > >_______________________________________________ >tclug-list mailing list >tclug-list at mn-linux.org >https://mailman.mn-linux.org/mailman/listinfo/tclug-list -- Ben Lutgens cell: 612.670.4789 Sistina Software Inc. worl: 612.379.3951 Code Monkey Support (A.K.A. System Administrator) "It's hard to believe that's the same frail woman who once sprained her wrist from having too much dip on a cracker!" -- Frazier Crane -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010308/afc7401e/attachment.pgp