Create an SSH Tunnel Using PuTTY

SSH tunnels are used for many things, but basically a tunnel provides point-to-point encryption (as far as the SSH gateway) so that the information circulating through the channel cannot be read in transit. Even if someone uses a sniffer and captures the data packets, they will not be able to read the information that is sent or received.

As I said before, there are many uses for tunnels. Here we will look at them from the database point of view, and mainly from the perspective of the database administrator, whose role often involves handling sensitive information.

Not long ago I published a post demonstrating how easy it is to see and capture network packets when we send an “alter user xxx identified by values and and” statement. Using a tunnel, this information is encrypted from the time it leaves my laptop until it reaches the SSH gateway. On the laptop itself, and once the data passes the gateway on its way to the target machine where the listener is, it could still be captured and read. Normally this network segment is a local area network and is more or less secure.

We must define:

  • SSH gateway or jump host: the entry point to the tunnel (where we are going to bounce the connection).
  • Target machine: the host to which we want to connect.
  • Local port (called "source port" by PuTTY): the port we will use on our own computer (in my case, a laptop). Connections to it are translated to the port of the listener on the target machine.

 

Open PuTTY and set the SSH gateway as the host, with port 22 (necessary to encrypt the channel).


Drill down in the left menu and click on Tunnels, then set the source port and the destination (the target machine).


Click on the Add button and then click on Open.


Now, from SQL Developer, we need to open a new connection and set the username and password as usual. The new settings needed to use the tunnel are:

Set hostname to localhost (or 127.0.0.1)

Set Port to 7000, defined as the local port (on our workstation)

Set Service_name to the database
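Once the tunnel is open, it is worth confirming that local port 7000 is bound to loopback only, because PuTTY's "Local ports accept connections from other hosts" option makes the forwarded port reachable from the rest of the network. The following check is an added example, not part of the original post: it parses `netstat -an` output, and the sample output, addresses and function names are constructed for illustration.

```python
import ipaddress

# Constructed samples of Windows `netstat -an` output (not from the original post).
SAMPLE_LOOPBACK_ONLY = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:7000         0.0.0.0:0              LISTENING
  TCP    [::1]:7000             [::]:0                 LISTENING
  TCP    192.168.1.20:52344     203.0.113.10:22        ESTABLISHED
"""
SAMPLE_EXPOSED = """\
  TCP    0.0.0.0:7000           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:52344     203.0.113.10:22        ESTABLISHED
"""


def listeners(netstat_text, port):
    """Return the local addresses that are LISTENING on TCP `port`."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        # Expected columns: proto, local address, foreign address, state.
        if len(fields) < 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        # rpartition splits on the last colon, so IPv6 "[::1]:7000" works too.
        host, _, local_port = fields[1].rpartition(":")
        if local_port == str(port):
            # Drop IPv6 brackets and any "%scope" suffix before parsing.
            found.append(host.strip("[]").split("%")[0])
    return found


def tunnel_exposure(netstat_text, port=7000):
    """Classify how the forwarded port is bound.

    'loopback-only' : only this workstation can use the tunnel
    'exposed'       : bound to a non-loopback address, so other hosts can
                      reach the database listener through the tunnel
    'not-listening' : nothing is listening on the port (tunnel is down)
    """
    addrs = listeners(netstat_text, port)
    if not addrs:
        return "not-listening"
    if all(ipaddress.ip_address(a).is_loopback for a in addrs):
        return "loopback-only"
    return "exposed"


if __name__ == "__main__":
    print(tunnel_exposure(SAMPLE_LOOPBACK_ONLY))
    print(tunnel_exposure(SAMPLE_EXPOSED))
```

On the workstation, pass the real output of `netstat -an` to `tunnel_exposure()` instead of the constructed samples.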


 

HTH – Antonio NAVARRO

 

 
