Hi all,

I have gone through all the posts in this thread and it seems I'm on the right track. But however, my problem has remained unsolved. Please consider the following scenario:

I want to connect to a remote MySQL server, lets say, mysql.server.com . Now this server does not allow direct communication from clients and the only possible communication is through an intermediate server, say, ssh.server.com . I'm on a linux machine and want to access the database using mysql-administrator or mysqlcc (MySQL Control Center). Here's what I do...

run the command:

ssh -L 3303:mysql.server.com:3306 user@ssh.server.com

Having read the above conversation, I can understand that this command shall enable a secure tunnelling in which all the communications from my local machine will be through port 3303 and ssh.server.com shall forward the same to and from mysql.server.com on port 3306. Let me know if I have misunderstood the above discussion.

The actual problem occurs when I try to access the database using mysqlcc or mysql-administrator. I'm not able to make out what parameters are to be fed so as to connect to my remote server. Here are the parameters that I have tried out:
***1***
HostName: mysql.server.com
User: dbUser (as set up on mysql.server.com)
Password: dbUserPass
Port: 3303

***2***
HostName: localhost
User: dbUser (as set up on mysql.server.com)
Password: dbUserPass
Port: 3303

***3***
HostName: localhost
User: dbUser (as set up on MY LOCAL MACHINE)
Password: dbUserPass
Port: 3303


Both, mysqlcc and mysql-administrator halt for a long time and ultimately cannot connect to the database. In the third case, however, both connect successfully but to my local database and not to the one on mysql.server.com. Can anybody please point out my error in the entire process?

P.S.: I have posted the same contents on another thread in this forum but then I decided to start a new thread just coz there were no newer posts on that one after June 2008.

Let say, you want connect from your.machine.com to MySql server on mysql.server.com through ssh.server.com

On ssh.server.com you make ssh port forward by
mysql.server.com will be resolved by the ssh.server.com after the connection is established (*)

From your.machine.com, instead of connect to mysql.server.com, you connect to ssh.server.com via port 3303
(*) ssh port forwarding reference link

This will work If I understand your situation correctly?

I've deleted your post in that thread in order for the discussion to remain in one place.

Thanks for that!

I checked that link and also tried to connect to mysql.server.com using the parameters that you suggested. To my dismay, mysql-administrator continued to halt when connected. Is there any other option for accessing/monitoring my database using a third party database client which allows SSH tunnelling? I have had a good experience with SQLYog Enterprise edition since it has SSH tunnelling options. Is there a similar tool available for Linux platforms?

After start ssh tunnel at ssh.server.com (please check your type to ssh.server.com not form your computer nor mysql.server.com)
Can you telnet from your.machine.com to ssh.server.com vi port 3303?
In the reference link, your situation like the one that described in figure 2th

This gives a connection timed out message. I assumed the port is not available. So I tried another port 11006. But the connection timed out for this port as well.

Edit: I'm total wrong, has direct you in wrong way. The right one in just in your first post, and ****2**** parameter is correct (After careful consideration). I'm really sorry for my mistake.

Your tunnel not ready or firewall has blocked connection between your.machine.com and ssh.server.com via port 3303 and 11006 (and all other port, except some specified port in firewall rules). So, we need more information here, could you check this:
- You start "ssh -L.." at ssh.server.com (not from your.machine.com nor mysql.server.com)
- When you're in ssh.server.com, after your tunnel started, Can you connect to ssh.server.com via port 3303 (use MySQL client or just telnet)? If not, "ssh -L.." console prints out any thing? If your connection is successful, then check the firewall in ssh.server.com and your.machine.com or contact your network administrator to check if we have any firewall between your.machine.com and ssh.server.com (As you described that you have to tunnel through ssh.server.com and ssh.server.com can connect to mysql.server.com I think there are some)
- To check your firewall in your.machine.com and ssh.server.com you can search in this linuxquestions.org to find out.

I don't have experience with other option that support ssh tunnel in Linux, and really want to know. Someone at LQ here can help us? But to use that tool, we still need to found your current problem.

Umm, I'm back again, read through nikhil010586's first post to my last one. I will summarize what I did wrong and try to finding something.

At nikhil010586's first post, there're two things to consider, what exactly error message of mysqlcc/mysql-administrator and did your local MySQL server listens on 3303? (not 3306) - because, in most case your MySQL server and your SSH tunnel cannot bind to same port (I haven't check if one port can be bind by two difference applications in difference network interfaces yet).

In my second post, I make my mistake, that command tunnels both ends in the same computer. but did it not procedure any error/warring?

In my third post (#6), my mind assumed wrongly that tunneling has been make between ssh.server.com and mysql.server.com without check tunnel command syntax. And that assume continue to my post #8, so i consider to check firewall between your.machine.com and ssh.server.com.

So, if i were you, there're more thing to check, all check is simple but long to write out. Let me list out:
- Check if you can connect to MySQL at mysql.server.com by port 3306 from ssh.server.com? (You have mentioned this in your fist post, but it's too general) if this's fail (by firewall..), we can make another tunnel between ssh.server.com and mysql.server.com
- After your tunnel from your.machine.com to ssh.server.com created by the very first ssh command in your first post, use telnet to check if you can connect to localhost from your.machine.com in port 3303 or not?
- Last thing to check, some user in MySQL associated with an domain, and that user only can connect from that domain. On of our MySQL server, root only can login from localhost, and other user can connect from other computer but not in localhost.

Hope I can help.

Well, all the three checks have been satisfied.

-Port 3306 is available from ssh.server.com to mysql.server.com
-Telnet on localhost 3303 gave successful results
-There's a possible connection from ssh.server.com to mysql.server.com . I have been using this to connect from a Windows client that has SSH tunnelling built-in.

Is there a problem with the tools that I'm using? It would be great if someone on LQ could suggest a good tool with SSH tunnelling feature available.

I have same problem connecting MYSQL Sever using SSH tunneling but my scanrio is different. i have a linux server which has enables ssh but MYSQL server is another server on the LAN of SSH server.

i.e
MYSQL Client->SSH->SSH Server->(LAN)->MYSQL Sever

Can some body advice me how to connect in this scanrio
I have acess to my middle server using SSH but even i can connect to mySQL server using command line. but how can i connect using MYSQL GUI

Waiting for reply
Thanks