Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Accessing SQL Server over an SSH tunnel

In my development shop, we deploy code on virtual servers that sit on a remote network.

We access the machines on that network by first opening an SSH connection to a gateway server, and then SSH-tunneling RDP over a local port.

I would very much like to be able to locally access SQL Server instances running on these servers in the same way.

I've set up a local port (3398) to redirect to the SQL Server port on the remote instance (L3398 -> remote.machine.com:1433).

I can then actually test the connection by telnetting to localhost 3398, and I get a connection: the screen clears and I can type characters to some listening process.

But when I try to connect SSMS to localhost:3398, it times out and then claims that there is no SQL Server listening on that port:

Cannot connect to localhost:3398

Additional information:
A network-related or instance-specific error occurred while establishing a connection 
to SQL Server. The server was not found or was not accessible. Verify that the
instance name is correct and that SQL Server is configured to allow remote
connections. (...)

I am sure that the server accepts remote connections, because I have connected to it remotely while logged in via RDP to a different machine within the remote network.

I have Googled around to know that this is possible; does anyone have some idea why this isn't working, or what I might do to diagnose and hopefully fix the problem?

Thanks!

like image 768
Jim Burnell Avatar asked Aug 02 '11 16:08

Jim Burnell


People also ask

Can you SSH into SQL Server?

All you need is a server in the office which accepts SSH connections and can connect to the SQL Server. This will serve as a gateway or makeshift proxy server. With the proper port forwarding setup, you can connect to your database from anywhere.


2 Answers

Instead of connecting to localhost:3398 Use 127.0.0.1,3398

like image 71
Dan Avatar answered Oct 13 '22 02:10

Dan


For Authentication type Azure Active Directory - Universal with MFA (Mutli-Factor Authentication), in addition to specifying the port correctly (127.0.0.1,3398), I also had to point the host to localhost.

On Windows, I had to edit my hosts file to include the server host:

127.0.0.1    server.example.com

Then, in SSMS, I could connect to server.example.com,3398, which would perform the MFA correctly.

I could have performed this redirection at a higher DNS level as well.

like image 33
palswim Avatar answered Oct 13 '22 01:10

palswim