From owner-freebsd-security Wed Apr 19 2:58: 6 2000 Delivered-To: freebsd-security@freebsd.org Received: from eastwood.aldigital.algroup.co.uk (eastwood.aldigital.algroup.co.uk [194.128.162.193]) by hub.freebsd.org (Postfix) with ESMTP id DAD8C37B551 for ; Wed, 19 Apr 2000 02:58:02 -0700 (PDT) (envelope-from adam@algroup.co.uk) Received: from algroup.co.uk ([192.168.192.2]) by eastwood.aldigital.algroup.co.uk (8.8.8/8.6.12) with ESMTP id JAA06520; Wed, 19 Apr 2000 09:56:33 GMT Message-ID: <38FD82D2.F4449B52@algroup.co.uk> Date: Wed, 19 Apr 2000 10:56:34 +0100 From: Adam Laurie X-Mailer: Mozilla 4.7 [en-gb] (Win98; I) X-Accept-Language: en MIME-Version: 1.0 To: dan@langille.org Cc: freebsd-security@FreeBSD.ORG Subject: Re: using mysql over ssh References: <200004190730.TAA21657@ducky.nz.freebsd.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dan Langille wrote: > > > I want to access a mysql database remotely. I've had success with > > the following approach: > > > > ssh user@mydomain.org /usr/local/mysql/bin/mysql -uuserid > > -ppassword dbname < mysql.sql > > There is nothing like finding the answer shortly after posting a question. > > I found the solution at: > > http://www.mysql.com/php/manual.php3?section=Password_security > > You create ~/.my.cnf and add this: > > [client] > password=your_pass > > Then you don't need to specify the password on the command line as > shown above. > > I'd still like feedback about my points 1 and 2 in my original post. Open two terminal windows... In window one, do: ssh -L 3306:localhost:3306 user@mydomain.org In window two, do: mysql -h localhost -u userid -p dbname < mysql.sql the mysql client will tunnel it's connection to the remote server, and you will be prompted locally for the password (if you're using an up to date copy of mysql). You can also use this method for an interactive session... You will need to have the remote server up to use MYSQL_TCP_PORT instead of the default MYSQL_UNIX_PORT, and it's a good idea to bind it to loopback to that only local or tunneled clients can connect. cheers, Adam -- Adam Laurie Tel: +44 (181) 742 0755 A.L. Digital Ltd. Fax: +44 (181) 742 5995 Voysey House Barley Mow Passage http://www.aldigital.co.uk London W4 4GB mailto:adam@algroup.co.uk UNITED KINGDOM PGP key on keyservers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message