You want port forwarding. Check out the FAQ on that. What port forwarding
does is use your existing SSH connection to form a encrypted "tunnel" to
the other end of your connection and then to a target host:port.
Here's how I would do it:
With UNIX SSH, this is set up with the -L flag. In your case, it sounds
like you'd want a chain of two tunnels, or else you'd pass unencrypted SQL
traffic between Server1 and Server2. Setting up the tunnel from your
Client PC to Server1 varies with your client. You'll hafta read the docs
to your client. The example I give here uses UNIX SSH on the end client.
To connect from Client to Server1, use your usual command-line and add in
"-L 666:server1:666" This creates a tunnel on localhost:666 (that's the
Client) to server1:666. When connecting from Server1 to Server2, use "-L
666:server2:1000" to create a 2nd tunnel connecting server1:666 to
server2:1000.
Now, on your client, fire up the SQL client and point it at 127.0.0.1:666
and you should find yourself talking to Server2's SQL over an encrypted
tunnel. (Of course, use your own port #s as appropriate, 666 and 1000 are
just examples)
--
Gregor Mosheh
[EMAIL PROTECTED]
Systems Admin, Humboldt Internet
707.825.4638
On Mon, 10 Jul 2000 [EMAIL PROTECTED] wrote:
> Hi Ssh users,
>
> Our production database is accessed through an SSH
> server using RSA authentication as follows:
>
> My client -> Ssh Server 1 -> Ssh Server 2 (with database)
>
> I can connect okay using ssh-client on my pc
> and connect to ssh server 1, then ssh from there
> to ssh server 2, using RSA in both cases. What
> I get is a unix terminal session on the
> database box.
>
> However, I like to use client tools on my PC
> such as Oracle Enterprise Manager etc. to connect
> to the database. Is that possible? Any
> techniques/methods to achieve this?
>
> Any help is greatly appreciated.
>
> Regards,
>
> Porus.
>
>
