Securing the connection between MySQL and MySQL Administrator using an SSH tunnel
Author: Craig <craig [at] cass-hacks [dot] com>
Last edited 12/30/2006
This is a description of how to set up a secure tunnel between your MySQL Server and a locally running MySQL Administrator using Putty. By creating a secure tunnel to your MySQL server using Putty, you can grant localhost
access to powerful applications like MySQL Administrator while at the
same time, make your server appear as if it isn't even there. In
effect, make your MySQL server disappear from the outside world.
You will need the following software:
When completed, you will not only have a secure connection between your remote MySQL Server and a local instance of MySQL Administrator but more so, you will open up all the functions and features of MySQL Administrator that are only available to instances running locally on the server itself.
Step 1, Selecting a server connection profile in Putty
Click on whichever connection name you wish to use for the secure tunnel.
Step 2, Click "Load"
Step 3, Go to Connection > SSH > Tunnels
Step 4, Enter MySQL connection information
The "Source port" is the local port your MySQL Administrator will connect to instead of the remote (server) port it normally would. This can be any port currently unused on your system and should be different for every tunnel you wish to create.
The "Desitination" is the address and port of your actual MySQL Server. But since your SSH connection will be considered "local" to your MySQL Server, you should use either "127.0.0.1" or "localhost" depending on what works best.
Step 5, Adding the new tunnel information
Make sure the information in "Source port" and "Destination" are correct, that the "Local" radio button is selected and click "Add".
You should now see the new tunnel information displayed as shown.
Step 6 - SAVE YOUR SETTINGS!!!
BEFORE YOU DO ANYTHING ELSE go back to the main Putty screen and save the connection profile updates.
This can not be stressed strongly enough! If you do not save your new tunnel information, not only will you lose it on closing putty but you'll also lose it if you simply make a connection and you may even lose it while trying to make the connection in the first place!
Step 7 - Connect to the server
Connect to the server from Putty as you normally would.
Step 8 - Configure MySQL Administrator's connection settings.
Since your connection will now be through the secure tunnel created by Putty, your "Server Host" will now be local so use "127.0.0.1".
The "Port" should be set to the same port you set in Step 4.
Once the connection settings are correct, click "OK" and you should then be able to succesfully connect to your MySQL server except now, through a secure tunnel!