On Thu, Mar 08, 2001 at 03:41:25PM -0600, Troy Johnson wrote: >Have you used the IP address of hermes in the command line to 'mysql'? MySQL may be getting confused with the server name it is being handed. Just a guess. Yes. > >With ftp, have you forwarded ports 20 and 21? Have you tried setting your client to passive mode using just port 21? I didn't mess with the ftp think to much. I just wanted to verify tht I was doing the ssh command properly and able to push through the tunnel. > >>>> blutgens at sistina.com 03/08/01 03:00PM >>> >Hi all, we wanna secure the way our webserver talks to our database. We'd like >for all mysql work to be done though an ssh tunnel. I found very little >documentaion on this save a few mailing list posts. Essentially here's what I >am doing. > >1.)in one terminal from hermes.sistina.com >ssh -L 13306:bender.sistina.com:3306 bender.sistina.com sleep 20 > >2.) then from a nother shell on the same machine >mysql -h hermes.sistina.com -P 13306 -u$USERNAME --p$PASSWORD > >I have tried the tunnel with ftp, telnet, and I get my mail from my imap >server this way with fetchmail but for some reason I get >ERROR 2003: Can't connect to mysql server on 'hermes' (111) > >It's my understanding that with the ssh command above anything trying to >connect to port 13306 on the local machine is tranparently pushed though the >tunnel to the port on the other end (in this case 3306 the default mysql port) > >When I do this with ftp, I can connect, login and all is well. But I get >illegal port command errors. My research has told me that wu-ftpd don't like >when you tunnel to it. > >Has anyone done this before? Is there a better way to secure database >transactions? >-- >Ben Lutgens cell: 612.670.4789 >Sistina Software Inc. worl: 612.379.3951 >Code Monkey Support (A.K.A. System Administrator) > >"It's hard to believe that's the same frail woman who once sprained her wrist >from having too much dip on a cracker!" -- Frazier Crane > >_______________________________________________ >tclug-list mailing list >tclug-list at mn-linux.org >https://mailman.mn-linux.org/mailman/listinfo/tclug-list -- Ben Lutgens cell: 612.670.4789 Sistina Software Inc. worl: 612.379.3951 Code Monkey Support (A.K.A. System Administrator) "It's hard to believe that's the same frail woman who once sprained her wrist from having too much dip on a cracker!" -- Frazier Crane -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://shadowknight.real-time.com/pipermail/tclug-list/attachments/20010308/a2b8f64d/attachment.pgp