Have you used the IP address of hermes in the command line to 'mysql'? MySQL may be getting confused with the server name it is being handed. Just a guess.

With ftp, have you forwarded ports 20 and 21? Have you tried setting your client to passive mode using just port 21?


>>> blutgens at sistina.com 03/08/01 03:00PM >>>
Hi all, we wanna secure the way our webserver talks to our database. We'd like
for all mysql work to be done though an ssh tunnel. I found very little
documentaion on this save a few mailing list posts. Essentially here's what I
am doing.

1.)in one terminal from hermes.sistina.com
ssh -L 13306:bender.sistina.com:3306 bender.sistina.com sleep 20

2.) then from a nother shell on the same machine 
mysql -h hermes.sistina.com -P 13306 -u$USERNAME --p$PASSWORD

I have tried the tunnel with ftp, telnet, and I get my mail from my imap
server this way with fetchmail but for some reason I get 
ERROR 2003: Can't connect to mysql server on 'hermes' (111)

It's my understanding that with the ssh command above anything trying to
connect to port 13306 on the local machine is tranparently pushed though the
tunnel to the port on the other end (in this case 3306 the default mysql port)

When I do this with ftp, I can connect, login and all is well. But I get
illegal port command errors. My research has told me that wu-ftpd don't like
when you tunnel to it.

Has anyone done this before? Is there a better way to secure database
transactions? 
-- 
Ben Lutgens		cell: 612.670.4789
Sistina Software Inc.	worl: 612.379.3951
Code Monkey Support (A.K.A. System Administrator)

"It's hard to believe that's the same frail woman who once sprained her wrist
from having too much dip on a cracker!" -- Frazier Crane