-1

I have several concurrent + remote Java/MySQL connections to a private cloud server, on a first approach I begun to make these connections (connect, query, close connection) directly to the server's public IP, which worked normally, but it's not the correct approach due to some security configuration that is going to leave the MySQL binding as localhost (won't be able to use the public IP to access it anymore).

So I have to connect to MySQL through an SSH tunnel. I've seen several responses as 'how to make this' with java, like:

Connect to remote MySQL database through SSH using Java

Java SSH MySQL connection

Which are quite clear and understandable, but I still don't understand if I have to open and close the SSH tunnel everytime I need to open and close a MySQL connection, or what could be the troubles that I could find with SSH sessions.

Also any tips on where and how to store SSH the credentials would be highly appreciated. So far I was saving them on HKEY_LOCAL_MACHINE with base64 for the MySQL user, but it doesn't seem secure enough for the SSH credentials.

Ghaamae
  • 71
  • 1
  • 10
  • 1
    They are stating that you create the tunnel on the local machine and it will just be up and open. then you direct your DB connection at the local end. if you run the program with the tunnel down it will just fail to connect. – mavriksc May 15 '19 at 20:37
  • @mavriksc, so the java application would be still pointing to the server's public IP, with the tunnel open ? – Ghaamae May 15 '19 at 20:42
  • 1
    no. the java application will be pointed at sql://localhost:jdbcPort/... the machine the application is running on will have a tunnel from localhost:jdbcPort to DbServer.com:MySqlPort thru the open ssh port on the server. – mavriksc May 15 '19 at 20:46
  • @mavriksc Thank you very much. Your comments helped me find the solution. I will further explain in the answer section in case someone faces the same confusion. – Ghaamae May 15 '19 at 21:35

1 Answers1

1

First of all, in this case scenario I needed to use one of my local machine's unused ports to configure which is going to be linked to my server's 3306 port.

I used PuTTY as I am currently working on Windows, there are other native solutions for Unix.

For testing I used the 3307 port of my 127:0:0:1 under the SSH > Tunnel configuration to link to my private server's public IP and port X:X:X:X:3306.

Following these tutorials:

http://www.ytechie.com/2008/05/set-up-a-windows-ssh-tunnel-in-10-minutes-or-less/

https://www.youtube.com/watch?v=7YNd1tFJfwc

In the end I managed to successfully connect to my private server configured connection as 127.0.0.1:3307 on MySQL Workbench, keeping the SSH PuTTY tunnel session open.

So as in the comment session is said, the Java code will point to my localhost 127:0:0:1:3307, but will operate on my server's public IP with the server's MySQL credentials as long as the SSH tunnel is open.

I will keep further investigating on how to keep the session open, or refresh it to avoid loss of connection errors.

Ghaamae
  • 71
  • 1
  • 10