2

I want to connect to my database with the tool SquirreL in ssh. Is it possible? Sadly I have no other options for this server, so I ll have to change of tool if it is not working.

Nakilon
  • 34,866
  • 14
  • 107
  • 142
Nicolas D
  • 1,182
  • 18
  • 40
  • Graphical SQL clients such as SquirreL (and HeidiSQL, and MySQL Workbench) connect directly to the SQL server without an intermediate connection. Why does this standard method not work? Is the machine not accessible remotely? Is the port the server is running on blocked on either your side or the server's side? – Pablo Canseco Oct 12 '15 at 15:45
  • the machine is only accessible with ssh connexion sadly, it is blocked on server side. Or I can still use phpmyadmin... ( sic) – Nicolas D Oct 12 '15 at 15:54
  • If phpmyadmin is installed, that's probably the best way to interact with the server since it has sql dumping, query execution, table structure and data browsing, and all that usual stuff. If not, you can probably install it since you have SSH access. – Pablo Canseco Oct 12 '15 at 15:57
  • An application like `phpMyAdmin` is a potential attack vector. Fine for a development server, but anyone using `ssh` may actually have a remote server that shouldn't have any extra holes punched in it. – Lambart Apr 14 '17 at 18:57

2 Answers2

10

There's no way to do it directly through Squirrel, but it's ridiculously easy (when you know how) to set up the ssh tunnel that Squirrel can use.

I'd forgotten how, and came here looking for something to refresh my memory... but I had no luck on StackOverflow, so I did the research and I'm leaving the solution here for future-me... and hopefully it'll help someone else, too.

  1. Create the ssh tunnel:

    $ ssh -v -N -L3307:localhost:3306 remotehostname

    I chose to use port 3307, since I also have MySQL running locally on port 3306.

    Details (or you can just skip to step 2):

    3307 is the port you want to use locally to refer to the remote system.

    I believe that localhost here is referring to the remote system, from its own point of view, so localhost:3306 references the the standard MySQL port on the remote system.

    -v is optional; it just makes ssh's output more verbose, which can help with troubleshooting. You're not going to be using the window running ssh for anything else, so might as well let it be chatty.

    -N says you're not interested in actually opening a shell on the remote host. We're here for a database connection only.

    If you have the verbose option turned on, you should see a message like this:

    debug1: Local connections to LOCALHOST:3307 forwarded to remote address localhost:3306

    If you don't have verbose output turned on, you'll only see something like Authenticated to 10.0.1.234 (via proxy).

  2. Set up an "alias" in Squirrel that looks something like this: Squirrel screenshot

    Click Test and then Connect to test your connection.

    If you ran ssh with the -v option, you can watch the window while you attempt to connect via Squirrel. You should see something like this for a successful connection:

    debug1: Connection to port 3307 forwarding to localhost port 3306 requested. debug1: channel 2: new [direct-tcpip] debug1: channel 2: free: direct-tcpip: listening port 3307 for localhost port 3306, connect from 127.0.0.1 port 54536 to 127.0.0.1 port 3307, nchannels 3

  3. When you're done with the database, just hit CtrlC in the ssh window to kill the tunnel (if you left off the -N option, I guess you'd have to hit CtrlD to close the shell).

Lambart
  • 1,985
  • 2
  • 21
  • 37
  • And by the way, once you have this set up, the JDBC connection string can probably be used with any JDBC client, including IntelliJ IDEA (it has its own ssh tunnelling support, but it won't work with jump hosts). – Lambart Apr 14 '17 at 19:28
1

Sadly squirrelSQL does not support ssh tunneling. Fortunately, MySQL Workbench does support ssh tunneling so I would recommend using that instead if you are connecting to a MySQL database.

An alternative to using a different tool is to use ssh port forwarding. Essentially you can forward port 3306 (or whatever port your MySQL DB uses) from the remote box to your local box. There are a number of guides on the web on how to do this. Once the tunnel with port forwarding is established you can use a local connection string like 'localhost:3306'. to connect to the remote db. It's good idea to put the ssh connection string in a .sh or .bat file because you'll have to run when you need to connect to the DB for the first time.

risingfish
  • 354
  • 3
  • 9
  • yeah that was what i did, but it is still fastidious and not really user friendly / effective compared to some other tools – Nicolas D Nov 23 '16 at 11:01