ssh/config will tunnel you to 'targetHost' thru 'firewallHost'. SSH Hostname would just be 'targetHost' where the proxycommand from your. ssh/config if you call workbench with the same user that the. ![]() From here your mysql settings can be used as if you would directly connect to mysqlserver as the workbench is expecting.Īs you wrote, you are on the same machine (Ubuntu 14) that is able to connect to your mysql database behind firewallhost, you should just use the values in workbench that you use on the console. This should bring you onto your mysqlserver thru your firewallhost. ![]() I did not test it, but it is not unusal for application to pass the content of Hostname fields right into the ssh call. With chance, you are allowed to give ssh params with it. Then you could try the following as ' SSH Hostname' in workbench. If your ssh_config looks like this: Host server As you wrote it inline and not as '-o' Option, I assume you have this in your ssh_config. You said you are able to connect with proxycommand. Ok, as you have no direct access to firewallhost for creating an persistent tunnel, try another way. This can be even done on the public nic of firewallhost, but you want it on localhost as you don't want expose your mysql port to the public ) Screen -d -m /usr/bin/ssh -v -o "StrictHostKe圜hecking=no" -o "UserKnownHostsFile=/dev/null" -o "BatchMode=yes" -i /your/.ssh/ssh_host_dsa_key -q -L locahost:33060:localhost:3306 must just 'imagine' that such an ssh tunnel can 'transport' any port stream from one machine to another by opening a 'new' port on the machine you create that ssh tunnel (here firewallhost). This can be put into your rc.local or whatever you use on firewallhost. To have the ssh tunnel on firewallhost persistent, you can start it there like the following way with a keyfile (for accessing databasehost) and an detached process thru screen. MySQL Hostname: localhost (as we opened a tunnel on firewallhost's localhost) SSH Password: your pass for some valid user.SSH Username: some valid user on firewallhost.Ssh -L localhost:33060:localhost:3306 creates an openssh tunnel for localhost (not public on any nic) on port 33060 (or whatever port you have free here) on firewallhost which is in return connected over this tunnel with the 3306 port (again on localhost but on machine databasehost) because its connected as someshelluser on databasehost. That is quite ok, if you set up an persistent ssh tunnel on the firewallhost. So It's needed to create an open port on this server, that can access the 'real' mysql Server behind this firewall. So I assume firewallhost is the host reachable from your Workbench. Not to clear, if we get your setup correct. Default Schema: Equivalent to the SQL USE.MySQL Username: User name by which it will connect to MySQL, ie it has to be a valid user of MySQL and be authorized for connection from the tunnel.MySQL Server Port: connection port MySQL, generalemente is 3306.If the SSH and MySQL service is running on the same host, the eastbound value is localhost or 127.0.0.1, because once the connection through the tunnel is established, the MySQL service listens for requests from localhost (depending on the value set in the directive bind_adress MySQL). MySQL Hostname: The address of the host on which MySQL is running the service, with respect to the SSH server.SSH Key File: A file containing the private key for authentication on the server if you have enabled PasswordAuthentication policy on the SSH server has the value no).SSH Password: User password in the SSH server (if configured mode password authentication).SSH Username: username in the SSH server. ![]() SSH Hostname: the address of the server that makes SSH tunnel (SSH server and MySQL can be the same host or the same network address, this will depend on the configuration). ![]() Values for the SSH server that provides the tunnel: Create a new connection and choose the connection method Standard TCP / IP over SSH.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |