Double SSH Tunneling
This is just a self-reminder.
ssh -t -L 8000:localhost:8000 lec.cs.arizona.edu 'ssh -L 8000:sebeos:80 robotlab@sebeos'
lec.cs.arizona.edu is in the DMZ, and sebeos.cs.arizona.edu is one of the machines in the robot lab, which is behind the firewall. So, I'm basically double tunneling to sebeos via lec to access to sebeos from outside the firewall.
Mounting Remote Filesystem over SSH
I've been using this shell script for a long time and it works pretty well unless I have really slow network connection. When I upgraded to Snow Leopard from Leopard, the installer got rid of all files under /Volumes directory where this script was located. I probably should've put the file under /usr/bin. So I'm posting this as a backup just in case I lose the file again, but please feel free to use it if you have sshfs installed on your system.
#!/bin/sh
# @author Sumin Byeon
URI=user@dev.sumin.us
MOUNTPOINT=/Volumes/dev.sumin.us
OPTIONS="reconnect,follow_symlinks"
if [ ! -d $MOUNTPOINT ]; then
mkdir $MOUNTPOINT
fi
sshfs -o $OPTIONS $URI: $MOUNTPOINT
SSH Tunneling for Secure Connection to Remote MySQL Server
Introduction
Database is one of the must-have items for today's web application projects. I believe there are plenty of project teams who use MySQL, and I'm one of them. During the development process, there might be a case where the team members want to share a single database instance rather than keeping separate copies for each of members. However, in this case, security becomes our primary concern as MySQL does not provide a secure connection to remote clients.
(Still working on this part…)
In my opinion, SSH is such an awesome protocol. I can access to any remote computers from anywhere in this world, securely transfer files, and so on and so forth. In this article, I'll make a brief explanation on how to setup a SSH tunneling for secure connection to a remote MySQL server.
If you're not sure what 'tunneling' means, you might want to refer this article.
HOW-TO
ssh -L $LOCAL_PORT:localhost:3306 $REMOTE_SERVER
mysql -u $USER -p -h 127.0.0.1
Example
ssh -L 3306:localhost:3306 db.sumin.us
Then now I can connect to
mysql -u sumin -p -h 127.0.0.1
No localhost, but 127.0.0.1
If you tried to connect to localhost, then you probably got this kind of message.
ERROR 2002 (HY000): Can't connect to local MySQL server through socket
'/opt/local/var/run/mysql5/mysqld.sock' (2)
My perception is that when you connect to localhost then the MySQL client tries to establish an inter process communication through mysql.sock file.
Further Applications
You can use SSH tunneling for pretty much anything you want. AFP, SMB, or FTP. You name it.