- Paul Herbosch
July 17, 2003, 9:12 am
My company has an external webserver housed somewhere.
I managed to set up some ssh tunnels to specific ports. MySQL on port 3306
for example. Running the following command on my linuxbox:
ssh -g -T -N -x -L3306:webserver:3306 someuser@webserver
works great. Now, everybody in the company can connect to my linuxbox on
port 3306 and gets forwarded to the webserver in a secure way.
The only problem is that I have to open and close the tunnel by hand, so I
made a small config file in /etc/xinetd.d called mysql-tunnel:
disable = no
socket_type = stream
protocol = tcp
wait = yes
user = sshunnel
server = /home/someuser/mysql_tunnel.sh
port = 3306
and made sure "mysql 3306/tcp" was present in /etc/services.
I put the above-mentioned ssh command in a small script called
/home/someuser/mysql_tunnel.sh, made it executable and restarted xinetd.
Now, all tunnels are closed. I initiate a connection on port 3306 from
another pc to my linuxbox and nothing happens. The connection times out.
If I run "ps aux" it tells me that an ssh tunnel is running fine.
I check /var/log/secure and see that xinetd started the mysql-tunnel, but it
hasn't got a from address:
Jul 17 10:19:43 mylinuxbox xinetd: START: mysql pid=5425 from=<no
Now, if I change the "wait" parameter in /etc/xinetd.d/mysql-tunnel from
"yes" to "no", xinetd sees the from address:
Jul 17 10:46:58 mylinuxbox xinetd: START: mysql pid=5523 from=01.02.03.04 (my ipaddress)
and my MySQL interface doesn't time out, but throws an error.
I tried changing nearly every parameter in the /etc/xinetd.d/mysql-tunnel
file, but I can't seem to find a solution.
I know this is probably an xinetd-related problem, but I can't find a
Any help would be greatly appreciated.