Starting SSH tunnel using Xinetd



My company has an external webserver housed somewhere.
I managed to set up some ssh tunnels to specific ports. MySQL on port 3306
for example. Running the following command on my linuxbox:

ssh -g -T -N -x -L3306:webserver:3306 someuser@webserver

works great. Now, everybody in the company can connect to my linuxbox on
port 3306 and gets forwarded to the webserver in a secure way.

The only problem is that I have to open and close the tunnel by hand, so I
made a small config file in /etc/xinetd.d called mysql-tunnel:

service mysql
{
    disable     = no
    socket_type = stream
    protocol    = tcp
    wait        = yes
    user        = sshunnel
    server      = /home/someuser/
    port        = 3306
}

and made sure "mysql 3306/tcp" was present in /etc/services.
I put the above mentioned ssh command in a small script called
/home/someuser/, made it executable and restarted xinetd.
Now, all tunnels are closed. I initiate a connection on port 3306 from
another pc to my linuxbox and nothing happens. The connection times out.


If I run "ps aux" it tells me that an ssh tunnel is running fine.
I check /var/log/secure and see that xinetd started the mysql-tunnel, but it
hasn't got a from address:

Jul 17 10:19:43 mylinuxbox xinetd[5422]: START: mysql pid=5425 from=<no

Now, if I change the "wait" parameter in /etc/xinet.d/mysql-tunnel from
"yes" to "no" xinetd sees the from address:

Jul 17 10:46:58 mylinuxbox xinetd[5520]: START: mysql pid=5523 from= (my ipaddress)

and my MySQL interface doesn't time out, but throws an error.

I tried changing nearly every parameter in the /etc/xinet.d/mysql-tunnel
file, but I can't seem to find a solution.
I know this is probably an Xinet.d related problem, but I can't find a
newsgroup ...
Any help would be greatly appreciated.

Thx, Paul
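
An added example, not part of the original post: with "wait = yes" xinetd hands the server the listening socket on stdin, with "wait = no" it hands over the already accepted connection, and in both cases xinetd itself keeps port 3306 bound, so a script that runs "ssh -L3306:..." has no port left to bind and never reads the socket it was given. One way to make each incoming connection ride its own ssh session is ssh's stdio forwarding mode (-W). The key path, bind address and only_from network below are assumptions, and the sshunnel user must already have the webserver's host key in its known_hosts.

```conf
# /etc/xinetd.d/mysql-tunnel  (added example, not the poster's file)
service mysql
{
    disable     = no
    socket_type = stream
    protocol    = tcp
    port        = 3306

    # wait = no: xinetd accepts each client itself and starts one server
    # process per connection, with the connected socket as stdin/stdout/stderr.
    # With wait = yes the server would receive the listening socket and have
    # to call accept() on it, which ssh does not do.
    wait        = no
    user        = sshunnel

    # Run ssh directly instead of a wrapper script.
    #   -W webserver:3306  relay stdin/stdout to that host:port as resolved
    #                      on the ssh server; no local port is bound
    #   -q                 keep ssh diagnostics out of the MySQL byte stream
    #   BatchMode=yes      never prompt; fail if key auth is not possible
    # The identity file path is an assumption (a dedicated, passphrase-less
    # key that the webserver restricts to this forward only).
    server      = /usr/bin/ssh
    server_args = -q -o BatchMode=yes -i /home/sshunnel/.ssh/id_tunnel -W webserver:3306 someuser@webserver

    # Assumed addresses (documentation range): listen only on the internal
    # interface and accept only the company network, since anyone who can
    # reach this port reaches the remote MySQL listener.
    bind        = 192.0.2.10
    only_from   = 192.0.2.0/24
    instances   = 20
    log_on_failure += HOST
}
```

On the webserver side, the matching authorized_keys entry for that key can carry permitopen="webserver:3306" together with no-pty and no-X11-forwarding so the key is good for this one forward and nothing else.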
