Local Tunnels

Connecting to MySQL in plaintext is dangerous. Also, leaving port 3306 open your server is not very safe. If the MySQL server has an SSH port open, it’s possible to use it for MySQL queries. Simply open a bash prompt on Cygwin and type:

ssh -N -L 5000:localhost:3306 your-server &

Of course, replace your-server with the machine name of the MySQL server. Now, it’s possible to connect to the MySQL database using 127.0.0.1:5000. Sounds strange, but port 5000 on your machine is now MySQL on the remote machine. It’s called a tunnel and it’s a great way to get around needing to make holes in your firewall. It also has the benefit of being encrypted. This should work in Linux and Cygwin (windows).

Reverse Tunnels

It’s also possible to send traffic on your remote webserver to your local machine. It looks something like this:

ssh -N -R 5000:localhost:3306 your-server &

After this command, anything going to your-server’s port 5000 will be sent to 3306 on the local machine.

Verfication and Destruction

To verify the port is open, type lsof -i in Linux or netstat -a|grep LISTENING|grep 5000 in Cygwin. These commands will give you a process id number (pid). Just type kill <pid> to end the connection. For example kill 1234 stops pid 1234.