Eastearn

lemutugi profile picture Leonard Njeru @lemutugi user account status icon

How to Securely Connect to a Remote Database Using SSH Tunneling with a GUI Client

How to Securely Connect to a Remote Database Using SSH Tunneling with a GUI Client
October 9, 2024 1 comments
3 min read 389 Views

Let me show you a very safe and useful trick called SSH tunneling.

Scenario

I encountered a database problem while working on my computer within my home network. My application accesses a remote database that only services nodes local to its network, which is isolated from the outside.

The Challenge

Sometimes, I need to interact directly with the database. The only way to do this is by using SSH to open a remote terminal session on the server and using a command-line database client. However, I sometimes dislike command-line programs and prefer using a GUI database manager on mycomputer. Additionally, the database server is not configured to allow external requests, making it difficult for a GUI database client to connect.

The Solution: SSH Tunneling

To solve this, we can trick the GUI database client on my computer into thinking the database server is also running locally. We forward all its requests to the remote server using a secure channel, a technique known as SSH tunneling.

Creating an SSH Tunnel

Creating an SSH tunnel is straightforward using the SSH command. Here’s how you can do it:

  1. Open a Terminal: Use SSH to connect to the machine running the database server remotely.
  2. Forward Ports: Forward all requests sent to port 3307 on your laptop to port 3306 on the remote host. Note that port 3306 is used by MySQL in this case. Other databases may use different ports.

ssh tunnelling on windows

ssh user@remote_host -L 3307:localhost:3306 -N
  • -L 3307:localhost:3306: This tells SSH to forward port 3307 on your computer to port 3306 on the remote host.
  • -N: This option tells SSH not to execute any remote commands.

From the perspective of the remote network, the database server is running on localhost. This setup makes connecting to the remote database as easy as connecting to a local one.

Connecting with a GUI Client

For example, if you’re using a MySQL client like DBeaver, you would configure it to connect to localhost on port 3307, using the same credentials as the remote database.

Host: localhost
Port: 3307
Username: your_db_username
Password: your_db_password

dbeaver connection via ssh tunnelling

And that’s it! You can now securely connect to your remote database using SSH tunneling, enjoying the convenience of your preferred GUI database client.

Conclusion

SSH tunneling is a powerful and secure method to access remote databases, especially when direct connections are not possible. By following these steps, you can seamlessly integrate your GUI database client with remote servers, enhancing your workflow and productivity.

Login To Read Full Article
2 Reactions Share

1 Comments