This article deals with the task of securing MySQL client-server connection with the help of functions, by the Secure Shell (SSH) protocol. To be exact, the SSH tunnel concept is used. We repeat the steps that you need to make the MySQL client applications and implementation of a sample ourselves.
MySQL transport is not the only type of data can be tunneled through the Secure Shell. SSH can be used to the security of all TCP applications based on Layer protocol, like HTTP, SMTP and POP3. If your application must ensure that this protocol through a tunnel on an SSH connection, this article for you.
Background
We will imagine that an application to develop the company send the request must be made on a number of SQL servers around the world and receive answers from them (we imagine that this is a super-powerful banking system, stores information about millions of accounts).
All data between applications and SQL servers are on the Internet “such as”. Like most protocols, by the SQL server to ensure the integrity and confidentiality of the data (and those that do, do so in a way quite nontransparent), all applications for transfer and the answers May (and It!) Will become a passive opponents. An active opponent can much more serious problems - it can change the data, and no one.
SSH (Secure Shell) is a protocol by May of this problem. One of its features is the ability to integrate different types of tunnel connections through a single, trust and integrity.
Now you do not need to worry about the data over the Internet - SSH is for you. In particular, SSH care aspects of security:
Strong encryption of the data after the latest industry-standard encryption algorithms (AES, Twofish)
Authentication of the client and servers
Protecting the integrity of data
From stability in relation to the different types of network attacks
Compression of the data tunneled
The complete independence of the operating system, network and special features
Tunneling (or transit) works as follows:
SSH client opens ports on a LAN interface and shows the SSH server to transmit wants all connections to this port allowed in some remote computer.
If any other connection to the listener, the SSH client informs the SSH server on this fact and at the same time a tunnel logic. At the same time, the SSH server, a new TCP connection to the remote host agreed in step 1
The SSH encrypts all client data, which he accepted the connection and sends it to the SSH server. The SSH server decrypts the data received by SSH client and sends it to the remote site.
Please note that the SSH client acts as a server for TCP connections, he explains, and the SSH server as a client for TCP connections to the remote host.
A single connection SSH Tunnel, the largest number of connections from application layer, depending on demand. This means that your server protected by all ports (such as database and application server ports) to a local network, not by the fact that the SSH port open. It is much easier to create a single port than a dozen ports.
Into the Fire
We are developing a small program, the use of SSH transmission capacity. We will have an important task to ensure that there is a link between a MySQL client application and a MySQL server. Imagine, we get the information from the database server, which is thousands of miles of us, certainly.
Secure MySQL client is the application that we implement. It includes the following modules:
SSH client module on the shipping capacity
In addition to MySQL client module
User Interface for the cessation of operation and the results of the query.
The SSH server runs in a dial-up network and is available on the internet. The database (MySQL) server in the same network as the SSH server May and not visible to the Internet.
The process of ensuring the exercise of the exchange of data between the client and Secure MySQL database server runs as follows:
The SSH client a secure connection to the SSH server and the transfer of certain local port to the remote server, MySQL.
The module MySQL client to connect to open ports through SSH client module.
The SSH client and the server is a logical tunnel to connect accepted.
The customer sends MySQL SELECT to open port by the SSH client module, which encrypts and sends it to the SSH server. The SSH server decrypts the request and sends it to the MySQL server.
The SSH server receives a response from the server, MySQL, encrypts and sends it to the SSH client, the decrypted and passes it to the MySQL client module.
Seems too complicated? Implementation of this is easier than you think.So we continue and do it.Read more information by clicking the links below:
Music Blog | City Travel | Love Blog | Internet Nerds | Granaditas | Maldigras | About Cars | Nerve Crack | Gamer’s World | Perfect Diapason | Anime | Latest Buzz | Business | Creative Innovations | Sports Reviews | Creative Writing | Fashion Today | Blog Loan Online | Online Opportunities | Blog Addict | Site Submission | Make Money Online | Technology | Gadgets | Articles | Gizmos | Travel | Finance | Blogging | Opinions | Entertainment | Reviews | Websites | Money | Sugar Free Blog | Bonsang | Latest Videos | Globe Auto Load | Airsoft | BlogToMillion | Lifestyle | Shopping | Computer | Britney Spears | PC Games | Marketing | News | Web Design | Society | Benefits | Services | Papable | Blog | Internet Marketing | Real Estate | Earn Online | jSison |
