Setting up a SSH tunnel


As UNIX/Linux/Mac OS X has the ssh package the configuration of the tunnel is possible from the command line. However, on Windows platform SSH is not available and needs to either be installed or a separate package used to complete the tunnel. We shall deal with each of these separately in the next sections.

UNIX/Linux and Mac OS X

On UNIX/Linux and Mac OS X, if the ssh packages have been installed we can setup the tunnel with a single command issued from the command line:

$ ssh -L [bind_address:]port:host:hostport {username}@{remote host}

The -L option specifies that a local port on the local (client) host is to be forwarded to the given host and port on the remote side.

You must complete the login process in order to setup the tunnel.

Here is an example:

$ ssh -L 3306:einstein:3306 rcashell@einstein
Password:
Last login: Tue Jul 26 10:33:21 2011 from 192.168.1.2
IT Integrated Business Solutions (c) 2007
rcashell@einstein>

It should be noted at this point that the tunnel remains open as long as this connection remains alive. If you attempt to logout then the tunnel will disappear.

At this point the tunnel has been created. To access the service we need to access the service at localhost (127.0.0.1) and port:3306.

We now need to configure MySQL Workbench. The connection should be to hostname 127.0.0.1 and port 3306 which redirects across the tunnel to linux and port 3306. In the example below we can see that we attempt a connection prior to enabling the tunnel which fails. We test again after the tunnel has been created and this succeeds and again we test when the tunnel is closed again and we can see that this attempt fails.

Windows

For our tests we are going to use PuTTY and MySQL Workbench. PuTTY is a free implementation of Telnet and SSH for Windows and UNIX platforms. The solution is comprehensive and includes a facility for creating tunnels over which we will connect to our database server with encrypted communications.

Setup SSH connection

The first step is to fill in the SSH client connection configuration as follows.

Setup Tunnel configuration

Here we add in the default port for MySQL server i.e. 3306 and the remote host and port number. Be sure to click the Add button.

Initialize MySQL Workbench connection

Here we initialize the connection configuration in MySQL Workbench and connect to the server via the SSH tunnel.