NetGate Internet Products and Services 1-877-715-4927
Hosting Access Support About Us Contact Us
Sign Me Up!

Support Home
Phone Support
System Status
Search Our Site

MySQL Front-end Apps via SSH Port Forwarding

For security reasons we do not allow access to your MySQL data base from outside hosts. But, being able to use front-end design tools to do data base design and maintenance is a very valuable feature. Fortunately, SSH port forwarding allows you to set up a secure connection between your local PC and the MySQL data base running on the hosting server.

How to Setup SSH Port Forwarding

The first thing you're going to need is a good SSH client application. If you're using Windows SecureCRT is an excellent choice. If you're using a Macintosh all you can do is hope that you'll soon have an SSH client. The next version of BetterTelnet is supposed to (finally) support SSH. Once you install an SSH client you'll want to read all the documentation that is included to get your basic SSH to NetGate server connection established. Once you have that working you can easily set up port forwarding to enable the use any of the many excellent available MySQL design tools. Check out the MySQL site for a list of current applications.

Overview of Port Forwarding

Port forwarding is a powerful tool that allows you to secure TCP/IP traffic using SSH protocol support. This means that you can encrypt application data using protocols such as IMAP, POP3 and SMTP. For example, you could encrypt the communication between your workstation running the e-mail client and our POP server running SSH.

Port forwarding works by forwarding data from a local port to the remote host/port. For example, to secure POP3 traffic through your mail client, set up port forwarding with the following settings:

• local port=110
• remote hostname: set to the mail server's hostname
• remote port=110.

Configure your mail client to use (otherwise known as "localhost") as the POP3 server's IP address. Hostname and port configuration needs to be done in both in your SSH client and the client application (e.g., e-mail). After connecting with this session, POP3 traffic is encrypted to the SSH server as long as your SSH client is running. If the connection to the SSH server is broken or closed, the forwarded ports will no longer be forwarded, and the client applications may receive an error when they try to connect to the local port.

In general, with any port forwarded by SSH for an application, the application needs to be reconfigured to use the localhost or loopback address as its application server address.

Setting up MySQL Port Forwarding

Once again, using the documentation included with your SSH client set up port forwarding between your PC and the NetGate MySQL server. Configure your SSH client to forward local port 3306 (default MySQL port) to remote port 3306. Using SecureCRT the settings you would use in the Port Forwarding configuration are:

Then configure the design application to connect to your remote MySQL db using "localhost" as the remote system name, your login and password and the default port of 3306.