All geek questions in one place

SSH tunneling in MySQL in C ++

Hi, I am developing a test application to understand how to perform SSH tunneling to connect to a MySQL database in C ++.

I use the libssh2 library, and I use the example from https://www.libssh2.org/examples/direct_tcpip.html , but I'm not 100% sure whether this is the right thing to use.

I copied this example quite a lot, but when connecting to MySQL in my mysql throws socket

Errro 2013 (HY000): Lost connection to mysql server while "reading communication packet", system error: 0

When I connect to mysql using mysql -uroot -p -P2222, my application reads the data through the pipe using the following:

int len = libssh2_channel_read(channel, buf, sizeof(len));

and buf contains SSH-2.0- , and then this is written to the forwarding socket as follows:

 wr = 0; while (wr < len) { i = send(forward_socket, buf + wr, len - wr, 0); if (i <= 0) { perror("write"); return EXIT_FAILURE; } wr += i; }

Once the transfer is complete, I will immediately get a mysql error. I suppose this is because I am sending SSH-2.0- to MySQL, which MySQL does not expect, so it closes the connection, but I don’t see what is wrong, and I can’t determine exactly whether libssh2 direct_tcpip is the right thing to use .

Thanks for any help you can provide.

+5
source share
2 answers

Finally, I managed to figure out what to do, with a lot of trial and error and hair extension.

Using the example from https://www.libssh2.org/examples/direct_tcpip.html , but I set the variables with the wrong value.

Basically, in the example, it has

 const char *remote_desthost = "localhost"; /* resolved by the server */ unsigned int remote_destport = 22;

Due to remote_destport in the example of 22, I thought it was SSH connection details, so I set this as my SSH settings.

Turns out this connection is being sent from an SSH session, so I changed it to

 const char *remote_desthost = "localhost"; /* resolved by the server */ unsigned int remote_destport = 3306;

So, now I can run my application from my laptop, which connects to my SSH server for my web server, and then the command runs on my laptop

mysql -uroot -p -P2222 and I connect to the database on my web server through an SSH tunnel.

0
source

I think you misunderstood what SSH Tunneling is.

SSH Tunneling is nothing more than a client socket for a server socket. EG is a network network server.

Putty Setup a SSH Tunnel

And to show that this is how it works. I used my personal web server and connected to the MySQL server, which does not allow external connections to be connected to it, so the connections are only with localhost.

SSH tunnel connection

To configure the SSH tunnel using LibSSH2, follow the code http://api.libssh.org/master/libssh_tutor_forwarding.html under the heading. Perform direct port forwarding using libssh

If you do not want to show the mapping to the port on your client computer, you do not need to manually send data to the channel and read it, however, if there is any form of encryption or encoding of the text that does not match your channel in mysql, you will send invalid data to it.

So, once you create SSH tunneling, you use it as a standard network connection to the port that you have Tunnelled to talk to the service, if you want to do this in C ++, use the MySQL C ++ Connector , and as soon as the tunnel creates a connection using the C ++ Connector.

If you want your application to talk to MySQL, although the SSH channel without exposing it to the network port, you probably have to mess up the source code for the C ++ MySQL Connector. Much, more work, in your opinion, will go through the entire connector, as well as write and read it through a network socket and replace it with code to go through your SSH tunnel.

+1
source

Source: https://habr.com/ru/post/1261350/

More articles:


All Articles