What happens is, most of the time we restrict our various services behind a firewall. Those are not publicly accessible.
Like I always to run my database server on the loopback device (
localhost) or on the private network. But sometimes I feel a strong urge to have access to the staging database from the local machine, be it for development o debugging purpose.
Just fo this purpose, I don't want to open those services to the Wild Wild Web! SSH Tunneling comes for rescue.
What do you need? Just bare bone SSH access to that server, doesn't need to be
Here how to do it, I'm showing command for default Postgres port, You can always change to something else:
ssh -L 5431:localhost:5432 firstname.lastname@example.org
Okay let's breakdown the command.
-Largument instructs to open a local port for remote service.
5431is the local port you'll be using to access that service.
localhostis where the service is bound on the server. It can be something else like a private IP of
5432is the port that the actual service is running in. Update this according to your service, like for MySQL default is 3306.
Now you can simply access the database locally with this command:
It's as simple as that.
You could argue, this would open up security issues to the server. I could just export the staging DB and import it on my local machine, but I'm kind of lazy! And if you're concerned about security, don't just give away your SSH access to any random person! On the brighter hand, this will save the hassle of setting up a VPN for small use cases!
Note: You can do a lot of cool staff with SSH Tunneling. Hope this is the first instalment of the upcoming series. Maybe the next instalment will come in a few years!