3

I have two OpenSolaris servers. The remote server has a MySQL database. MySQL is configured with skip-networking; so, I can't access that database from the first server by simply using the hostname and port.

I must have an ssh tunnel setup to connect to MySQL from the local server. I can do this with a simple : ssh -L 3350:localhost:3306 user@server and SSH keys. It works great.

However, I need the connection to be permanent and preferably run on bootup as well.

I've created a little bash script to create the connection. However, it simply connects, ends the script, and loses the ssh connection. If I modify the script to run a command on the remote server and and a sleep command, it will stay connected for X seconds. I can then connect with MySQL. However, I will surely lose the connection after X seconds.

Does anyone have suggestions for a more elegant way to do this? Is there someway to use Solaris' svcadm to create the connection and maintain it at all times?

UPDATE : I've discovered that if I add sleep X and then create the MySQL connection before X expires, the ssh connection stays up indefinitely. However, that is not a very stable solution. If I lose the database connection, the ssh connection dies and then I'll be stuck without being able to connect again.

Justin Noel
  • 576
  • 1
  • 5
  • 9

5 Answers5

6

You want the -N option to OpenSSH. For example:

ssh -N -L 3350:localhost:3306 user@server &
Joe
  • 1,545
  • 1
  • 10
  • 15
  • LOL! I never thought of that. I was looking right at it with the man page. Thanks for the quick answer – Justin Noel Jun 12 '09 at 04:20
  • 3
    A nicer options is to use "ssh -T -f -N -L 3350:localhost:3306 user@server", SSH won't use a tty and immediately go into background. For the options to work you'll need public key authentication as you won't have any chance of entering a password – serverhorror Jun 12 '09 at 07:16
1

You want to look at a tool like autossh, which keeps an ssh tunnel working. If it dies, it automatically recreates it.

David Pashley
  • 23,497
  • 2
  • 46
  • 73
  • You could also add the command to inittab so the init process would start it on boot and restart it if ti stops (which would be due to error). – David Spillett Jun 12 '09 at 08:24
  • I can't install autossh or rstunnel. Check out http://www.jaisenmathai.com/blog/2008/10/10/secure-mysql-replication-between-colos-over-an-ssh-tunnel/comment-page-1/#comment-590 for a great way to maintain the connection permanently. – Justin Noel Jun 17 '09 at 02:51
1

I think you can try ssh-copy-id - permits easy propagation of SSH pub/priv keypair

ssh-copy-id -i ~/.ssh/id_rsa.pub root@192.168.75.10
Jeff Atwood
  • 13,104
  • 20
  • 75
  • 92
Rajat
  • 3,349
  • 22
  • 29
0

Or maybe rstunnel, which does almost the same as autossh -> http://sourceforge.net/projects/rstunnel/

wittwerch
  • 158
  • 1
  • 6
0

If you want to avoid the overhead of ssh, encryption, authentication, and such, you can do something very similar with netcat (or nc). There are lot of tutorials on the web. If you start with them and need more specific help, let me know.

Bruno Bronosky
  • 4,529
  • 3
  • 26
  • 34