What is SSH Port Forwarding and How It Works?
SSH stands for Secure SHell and is typically used as an encrypted
version of telnet. SSH allows you to access a remote server's shell
without compromising security. In a telnet session all communications,
including username and password, are transmitted in plain-text, allowing
anyone with adequate resources to listen-in on your session and steal
passwords and other information. Such sessions are also susceptible to
session hijacking, where a malicious user takes over your session once
you have authenticated. SSH serves to prevent such vulnerabilities.
When a mysql client communicates with the MySQL server, all
communication (with the exception of the user password) is done in plain
text. What this means is that if an unscrupulous individual gets
between your client and the server, they can have full access to all
information transmitted. In order to protect your information you need
to encrypt communications between the MySQL server and the GUI client.
SSH can be used to encrypt communications between the client and server.
This is known as SSH port forwarding or SSH tunneling. One benefit of
SSH port forwarding is that we can connect to a MySQL server from behind
a firewall when the MySQL server port is blocked.
SSH will listen on a specified port on the client machine, encrypt the
data it receives, and forward it to the remote SSH host on port 22 (the
SSH protocol port). The remote SSH host will then decrypt the data and
forward it to the MySQL server. The SSH host and the MySQL server do not
have to be on separate machines, but separate SSH and MySQL servers are
supported.
Requirements for SSH and MySQL
To perform port forwarding between a MySQL client application and the
MySQL server, you will need a SSH login account for port forwarding.
This account needs to either be located on the server running MySQL, or
on a machine that can be accessed remotely via SSH and which in turn has
network access to the MySQL server.
How to set up connection to remote MySQL server using SSH port forwarding
1. Double-click the "Add connection" icon on Task panel.
2. Enter the MySQL properties
In this example, we are specifying that port 3306 on your client machine
should be forwarded to the remote server. If the port 3306 is already
used (i.e. for local MySQL server), change the source port setting to
any value > 1024. To check ports availability, start the Windows
command line client and enter netstat -a.
When the remote SSH host is on a different machine than the MySQL
server, replace 127.0.0.1 with the IP address of the MySQL server
(relative to the SSH host). Never use "localhost" for hostname.
Note that the username and password used on this page are the values of your MySQL account and NOT SSH shell access
3. Set up SSH connection
MySQL port is a remote port that will be forwarded to the local port
entered on previous page. All other values are your SSH shell access
settings.
4. Click OK to Save settings.
5. Double-click the new connection to connect to remote MySQL server.
Troobleshooting
If you have never used SSH shell with this server before, you will be
probably see a PuTTy security alert. Click Yes to update register
registry keys. Wait for the timeout (30 s by default) and try again.
- 0 Utenti hanno trovato utile questa risposta
