snippetModerate
SSH tunneling for accessing remote databases and services
Viewed 0 times
SSH tunnelport forwardingbastion hostLocalForwardSOCKS proxy
terminallinuxmacos
Problem
Need to access a database or service on a remote server that's not publicly accessible.
Solution
Local port forwarding: ssh -L local_port:remote_host:remote_port user@bastion. Example: ssh -L 5432:db.internal:5432 user@bastion. Persistent: add -N -f. Dynamic SOCKS proxy: ssh -D 1080 user@server. SSH config: add LocalForward directive. Kill: kill $(lsof -t -i :5432).
Why
Production databases should never be publicly accessible. SSH tunneling creates an encrypted channel through a bastion host without exposing the service.
Revisions (0)
No revisions yet.