SSH Tunnel

Objective[edit]

Create an SSH tunnel on a local machine which redirects MySQL requests to another machine on the LAN.

Establish SSH Tunnel[edit]

Use ssh to create the tunnel that open up a socket listening to a port on the local machine and forward request to that local port to the port specified on the remote machine. ^[1]

$ ssh -fN -L 8888:[REMOTE_SERVER]:3307 -p [NONSTANDARD_SSH_PORT] [USER]@[REMOTE_SERVER]

• -f Run the ssh command in the background
• -N Don't execute any commands on the remote machine. Just forward the port.
• -L Binds the local port to the remote port. ^[2]
• -p Non standard SSH port number. This is for establishing the SSH connection with the remote host. It has nothing to do with the port forwarding.
• 8888 is an arbitrary non-standard MySQL/MariaDB port to open on the local machine. Requests to this port are forwarded to the remote machine.
• 3307 is the port on the remote machine to which requests will be forwarded, e.g. 3307, the standard MariaDB port.

Troubleshooting[edit]

View SSH tunnels[edit]

$ lsof -i tcp | grep ^ssh

ssh       18250 damien    3u  IPv4 0xf863dcf7cc3dd6d5      0t0  TCP 192.168.123.105:56935->ds920:21098 (ESTABLISHED)
ssh       18250 damien    5u  IPv6 0xf863dcf7ce5b1e1d      0t0  TCP localhost:ddi-tcp-1 (LISTEN)
ssh       18250 damien    6u  IPv4 0xf863dcf7c661454d      0t0  TCP localhost:ddi-tcp-1 (LISTEN)

Destroy an SSH tunnel[edit]

Find the process id of the ssh tunnel. ^[3]

$ ps aux | grep [LOCAL_PORT_NUMBER]

Kill the process of the ssh tunnel.

$ kill -9 [PID]

See Also[edit]

Reference[edit]