Oh, and did I mention it was secure? And also that all data is encrypted? :)
Best of all, it doesn't require any special fiddling of opening public ports on routers or firewalls or with ISP's - all communications happen over TCP port 22 (SSH port) which is open by default on most (half-decent) routers.
So, why would one use such witchcraft?
Example Set-Up (complete with stunning artwork)
Here's our set-up. It assumes X and Y have static public IP addresses. We have office X and office Y that have a MySQL customer database replicated across the two sites on port 3306. Our SysOp is a cautious fellow, and doesn't just want to expose port 3306 to the outside world at all if possible - not even IP restricted on the firewalls - just fully not available. Step forward SSH.
In office X we have a linux box/LARTC box (called LR1) with address 192.168.1.1 and xxx.xxx.xxx.xxx, and a MySQL server of 192.168.1.100. In Y we have LR2 with IPs of 192.168.2.1 and yyy.yyy.yyy.yyy, and MySQL running on 192.168.2.100.
We assume public key authentication has been enabled for passwordless access for username USER (.ssh/known_hosts and .ssh/authorized_keys), and that port forwarding and SSH forwarding have been enabled in sshd.conf.
On LR1 we issue:
ssh -N -g -f -L 192.168.1.1:3306:192.168.2.100:3306 user@yyy.yyy.yyy.yyy
On LR2 we issue:
ssh -N -g -f -L 192.168.2.1:3306:192.168.1.100:3306 user@xxx.xxx.xxx.xxx
A quick explanation of the switches used:
N - Don't execute a command after connecting
g - Allow remote clients to connect to locally forwarded ports
f - Fork to background after invoking SSH
L - Forward local port
Now if we want to connect to MySQL in office Y from office X, we simply connect to port 3306 on 192.168.1.1. Similarly, port 3306 on 192.168.2.1 now "magically" connects to port 3306 on 192.168.1.100. If this is a little hard to follow, re-read it again. We're essentially making the MySQL server of the other office appear on our local linux box, available only to clients on our local network.
Oh, and did I mention it was secure as well? Oh, and I might have forgotten to mention it's also encrypted! :D
Happy digging.
**ADDENDUM: I have received much praise for my great digital artwork, so I'd like to formally offer my services as a digital editor/design/arty-farty-type graphics guy for about 36.5pence per hour plus a lukewarm coffee every 4 hours and some entitlement to stale donoughts or other acceptable pastry or chocolate substitutes.
Caesars Casino Review (2021) - Get $10 Free with No Deposit
ReplyDeleteCaesars casinosites.one Casino Review · 1. Claim your 출장안마 $10 free 출장샵 bonus 토토 사이트 홍보 and receive up to $20 in casino credits (30 1등 사이트 Free Spins) · 2. Play Slots at Caesars Casino.