[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision | ||
howtos:misc:connect_client_over_ssh_tunnel_to_mariadb [2019/06/25 14:45 (UTC)] – created mahafyi | howtos:misc:connect_client_over_ssh_tunnel_to_mariadb [2019/06/26 01:51 (UTC)] (current) – [How to connect mysql client over SSH tunnel to Mariadb server] mahafyi | ||
---|---|---|---|
Line 3: | Line 3: | ||
For setting up your working Mariadb server, [[howtos: | For setting up your working Mariadb server, [[howtos: | ||
- | You may want to connect clients to the database server over network securely. Instead of using TLS (which is available natively) for this, the same can also be achieved by tunneling over SSH by following the below steps. | + | You may want to connect clients to the database server over network securely. Instead of using TLS (which is [[https:// |
__**On the database server**__ | __**On the database server**__ | ||
- Ensure there is no blocking by firewall for the ports/ | - Ensure there is no blocking by firewall for the ports/ | ||
- | - Ensure that the SKIP=”..skip-networking…” line in / | + | - Ensure that the SKIP=”..skip-networking…” line in / |
- Identify a user who will be the SSH tunnel user. This refers to the Linux user. You may use the command ‘adduser < | - Identify a user who will be the SSH tunnel user. This refers to the Linux user. You may use the command ‘adduser < | ||
- Edit / | - Edit / | ||
Line 14: | Line 14: | ||
__**On the client machine**__ | __**On the client machine**__ | ||
- | Generate keys for authentication ssh-keygen without a passphrase as follows. You may use RSA also. The below command will create a private and public key after giving you file name option. Just hot enter to avoid using a passphrase. | + | Generate keys for authentication |
ssh-keygen -t ecdsa -b 521 -C my-comments | ssh-keygen -t ecdsa -b 521 -C my-comments | ||
The public key with filename extension .pub should be installed in the database server user’s authorized_keys. The contents of the .pub file can be copy pasted or you can use a command line utility like ssh-copy-id as shown below. Never copy the private key to other server. | The public key with filename extension .pub should be installed in the database server user’s authorized_keys. The contents of the .pub file can be copy pasted or you can use a command line utility like ssh-copy-id as shown below. Never copy the private key to other server. | ||
Line 27: | Line 27: | ||
====== Sources ====== | ====== Sources ====== | ||
<!-- If you are copying information from another source, then specify that source --> | <!-- If you are copying information from another source, then specify that source --> | ||
- | <!-- * Original source: [[http://some.website.org/some/page.html]] --> | + | <!-- * Original source: [[https://mariadb.com/resources/ |
<!-- Authors are allowed to give credit to themselves! --> | <!-- Authors are allowed to give credit to themselves! --> | ||
<!-- * Originally written by [[wiki: | <!-- * Originally written by [[wiki: | ||
<!-- * Contributions by [[wiki: | <!-- * Contributions by [[wiki: | ||
+ | Adapted from original source: [[https:// | ||
+ | |||
Originally written by [[wiki: | Originally written by [[wiki: | ||
<!-- Please do not modify anything below, except adding new tags.--> | <!-- Please do not modify anything below, except adding new tags.--> | ||
<!-- You must remove the tag-word " | <!-- You must remove the tag-word " | ||
{{tag> | {{tag> |