For security reasons we do not allow access to your MySQL data base
from outside hosts. But, being able to use front-end design tools
to do data base design and maintenance is a very valuable feature.
Fortunately, SSH port forwarding allows you to set up a secure connection
between your local PC and the MySQL data base running on the hosting
How to Setup SSH Port Forwarding
The first thing you're going to need is a good SSH client application.
If you're using Windows SecureCRT
is an excellent choice. If you're using a Macintosh all you can
do is hope that you'll soon have an SSH client. The next version
is supposed to (finally) support SSH. Once you install an SSH client
you'll want to read all the documentation that is included to get
your basic SSH to NetGate server connection established. Once you
have that working you can easily set up port forwarding to enable
the use any of the many excellent available MySQL design tools.
Check out the MySQL site for
a list of current applications.
Overview of Port Forwarding
Port forwarding is a powerful tool that allows you to secure TCP/IP
traffic using SSH protocol support. This means that you can encrypt
application data using protocols such as IMAP, POP3 and SMTP. For
example, you could encrypt the communication between your workstation
running the e-mail client and our POP server running SSH.
Port forwarding works by forwarding data from a local port to
the remote host/port. For example, to secure POP3 traffic through
your mail client, set up port forwarding with the following settings:
remote hostname: set to the mail server's hostname
Configure your mail client to use 127.0.0.1 (otherwise known as
"localhost") as the POP3 server's IP address. Hostname
and port configuration needs to be done in both in your SSH client
and the client application (e.g., e-mail). After connecting with
this session, POP3 traffic is encrypted to the SSH server as long
as your SSH client is running. If the connection to the SSH server
is broken or closed, the forwarded ports will no longer be forwarded,
and the client applications may receive an error when they try to
connect to the local port.
In general, with any port forwarded by SSH for an application,
the application needs to be reconfigured to use the localhost or
loopback address 127.0.0.1 as its application server address.
Setting up MySQL Port Forwarding
Once again, using the documentation included with your SSH client
set up port forwarding between your PC and the NetGate MySQL server.
Configure your SSH client to forward local port 3306 (default MySQL
port) to remote 127.0.0.1 port 3306. Using SecureCRT the settings
you would use in the Port Forwarding configuration are:
Then configure the design application to connect to your remote
MySQL db using "localhost" as the remote system name,
your login and password and the default port of 3306.