Table of contents
Introduction:
In this blog post, we will explore the concept of SSH tunneling and demonstrate how to securely access an AWS MySQL database using SSH tunneling. By leveraging SSH tunneling, you can establish an encrypted connection between your local machine and a remote server, allowing you to access services running on the remote server as if they were running locally. We will use an example where the MySQL database is hosted on AWS and assume the default MySQL port of 3306.
Prerequisites: To follow along with this tutorial, you will need:
An AWS account with an active MySQL database instance.
SSH access to the AWS EC2 instance hosting the MySQL database.
An SSH client software is installed on your local machine.
Step 1: Obtain SSH Access Credentials To establish an SSH tunnel, you'll need the SSH credentials for the AWS EC2 instance. This includes the SSH username and either a password or an SSH key.
Step 2: Open a Terminal or Command Prompt Open a terminal or command prompt on your local machine to execute the necessary SSH commands.
Step 3: Create the SSH Tunnel Run the following command in your terminal, replacing the placeholders with your specific information:
ssh -L 3307:localhost:3306 -i path_to_ssh_key.pem user@aws_ec2_instance_ip
The -L flag sets up the local port forwarding. In this example, we're forwarding port 3307 on your local machine to port 3306 on the AWS EC2 instance where the MySQL database is running. Replace path_to_ssh_key.pem with the file path to your SSH private key. Replace user with your SSH username, and aws_ec2_instance_ip with the public IP address of the AWS EC2 instance.
Step 4: Establish the SSH Tunnel Enter your SSH password or provide the SSH key passphrase when prompted. If successful, the SSH tunnel will be established, and your terminal will remain connected.
Step 5: Connect to the MySQL Database Using a MySQL client of your choice, configure the client to connect to localhost on port 3307, which is the local port specified in the SSH command. Provide the necessary MySQL database credentials to establish the connection.
For example, using the MySQL command-line client, you can run:
mysql -h localhost -P 3307 -u mysql_user -p
Replace mysql_user with the appropriate MySQL username. You will be prompted to enter the password for that MySQL user.
Conclusion:
SSH tunneling provides a secure and encrypted method for accessing remote services such as an AWS MySQL database. By following the steps outlined in this blog post, you can easily set up an SSH tunnel to securely access your AWS MySQL database from your local machine. SSH tunneling ensures the privacy and integrity of your data by establishing an encrypted connection between your local machine and the remote server, allowing you to access the MySQL database as if it were running locally.