2

I am trying to connect to MySQL from my MySQL GUI (Sequel Pro if it matters) using SSH tunnel. However, I keep getting the following error (mysql.log):

[Note] Aborted connection 98 to db: 'example' user: 'example_user' host: 'localhost' (Got an error reading communication packets)

My connection settings look like the following:

  • SSH host: example.com
  • SSH port: 22
  • SSH user: example_user
  • SSH pass: ********
  • DB host: 127.0.0.1
  • DB user: example_user
  • DB password: *******
  • DB name: example
  • DB port: 3306

I can connect to SSH with no problems. I can also connect to MySQL from inside SSH (using mysql -u example_user -p -h 127.0.0.1)

However, tunneling is not working. I have AllowTcpForwarding yes in sshd_config. MySQL config has bind-address = 127.0.0.1.

I am using 16.04 LTS and MySQL Community Edition in my server.

What am I doing wrong? This is the first time I am seeing this issue.

Gasim
  • 887
  • 4
  • 14
  • 22
  • 1
    What are you using to create the SSH tunnel? – Tero Kilkanen Mar 19 '17 at 16:20
  • Possible duplicate of [What causes the 'Connection Refused' message?](http://serverfault.com/questions/725262/what-causes-the-connection-refused-message) – user9517 Mar 19 '17 at 17:51
  • I am using the Sequel Pro client. That client currently connects to 3 different remote hosts via SSH tunnel. This is the only host where this doesn't work, so I my guess is it is a problem in the host machine. – Gasim Mar 19 '17 at 18:12
  • @istheEnglishway MySQL is listening on 127.0.0.1:3306. I have UFW disabled and iptables is empty with default ACCEPT. One thing that I am having doubts here is the SSH server used in Ubuntu. It is called `OpenBSD Secure Shell server`. I have always used OpenSSH server and never had a single issue with it. Can this server not have a TCP forwarding feature? I am asking this because `AllowTcpForwarding` option did not exist in sshd_config. I added it myself with no luck – Gasim Mar 19 '17 at 18:21
  • Nevermind, OpenBSD Secure Shell is the long name for OpenSSH. – Gasim Mar 19 '17 at 18:24

2 Answers2

2

You can create several tunnels via command on workstation by example:

ssh -L 10080:127.0.0.1:80 -L 10006:127.0.0.1:3306 user@server

There are: 127.0.0.1 - ip-address tunnel's destination to connect from server, 80 and 3306 destination ports, 10080 and 10006 - local workstation's ports. This will allow you to connect to MySql server and to Http server via server's localhost interface. Run command mysql -p -u db_user -P 10006 -h 127.0.0.1 database_name on workstation to connect to MySql server. You can connect to PhpMyAdmin web interface, which is allowed only from 127.0.0.1. To do it simply write address http://127.0.0.1:10080 in your browser.

Mikhail Khirgiy
  • 2,003
  • 9
  • 7
  • 1
    For some reason tunelling like that actually works but tunelling through my mysql application doesn't work, which is very weird IMO. – Gasim Mar 21 '17 at 13:16
  • @Gasim Try to use "Standard connection" to host 127.0.0.1 and port 10006. – Mikhail Khirgiy Mar 21 '17 at 13:23
  • Also check how well will a long file (500Mb) be copied from server to workstation via scp command? – Mikhail Khirgiy Mar 21 '17 at 13:31
  • staandard connection worked. I just didn't want to have a separate tunnel open when my app can do it. I'm going to investigate to see what can cause this problem. – Gasim Mar 21 '17 at 15:17
  • I think you can use sshd log on the server as described at http://serverfault.com/questions/130482/how-to-check-sshd-log – Mikhail Khirgiy Mar 21 '17 at 15:45
0

I had a similar issue, and per this answer, the solution was removing the 'any' user.

It seems that MySQL sees a difference between a user connecting via localhost and 127.0.0.1, which is part of the issue if I understand it correctly.

Jade Steffen
  • 1