From owner-freebsd-security Wed Apr 19 15: 6: 5 2000 Delivered-To: freebsd-security@freebsd.org Received: from ducky.nz.freebsd.org (chilled.unixathome.org [203.79.82.27]) by hub.freebsd.org (Postfix) with ESMTP id 6BB6437B5AD for ; Wed, 19 Apr 2000 15:06:00 -0700 (PDT) (envelope-from dan@langille.org) Received: from wocker (wocker.int.nz.freebsd.org [192.168.0.99]) by ducky.nz.freebsd.org (8.9.3/8.9.3) with ESMTP id KAA26315 for ; Thu, 20 Apr 2000 10:05:58 +1200 (NZST) Message-Id: <200004192205.KAA26315@ducky.nz.freebsd.org> From: "Dan Langille" Organization: langille.org To: freebsd-security@FreeBSD.ORG Date: Thu, 20 Apr 2000 10:05:56 +1200 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: using mysql over ssh Reply-To: dan@langille.org In-reply-to: <38FD82D2.F4449B52@algroup.co.uk> X-mailer: Pegasus Mail for Win32 (v3.12b) Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 19 Apr 00, at 10:56, Adam Laurie wrote: > Dan Langille wrote: > > > > > I want to access a mysql database remotely. I've had success with the > > > following approach: > > > > > > ssh user@mydomain.org /usr/local/mysql/bin/mysql -uuserid > > > -ppassword dbname < mysql.sql > > > > There is nothing like finding the answer shortly after posting a > > question. > > > > I found the solution at: > > > > http://www.mysql.com/php/manual.php3?section=Password_security > > > > You create ~/.my.cnf and add this: > > > > [client] > > password=your_pass > > > > Then you don't need to specify the password on the command line as > > shown above. > > > > I'd still like feedback about my points 1 and 2 in my original post. > > Open two terminal windows... > > In window one, do: > > ssh -L 3306:localhost:3306 user@mydomain.org > > In window two, do: > > mysql -h localhost -u userid -p dbname < mysql.sql > > the mysql client will tunnel it's connection to the remote server, and you > will be prompted locally for the password (if you're using an up to date > copy of mysql). You can also use this method for an interactive session... > > You will need to have the remote server up to use MYSQL_TCP_PORT instead of > the default MYSQL_UNIX_PORT, and it's a good idea to bind it to loopback to > that only local or tunneled clients can connect. What is the point of two windows? Note: the goal is to put all of this into a script. It will not be interactive. There will be nobody there to reply to a prompt. That's why I like the ~/.my.cnf entry so much. thanks. -- Dan Langille [I'm looking for more work] http://www.langille.org/ | http://www.unixathome.org/ http://www.racingsystem.com/ | http://www.freebsddiary.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message