Local-to-remote port forwarding using Ruby/Net::SSH for remote db connection

Question

I'm accessing a remote database using a local-to-remote port forwarding from my windows box. It works like a charm using putty for port forwarding but it fails when I try to forward using Ruby/Net::SSH. Here is my code snippet:

require 'rubygems'
require 'net/ssh'

Net::SSH.start(remote_host, user_name, :password => password) do |ssh|
  ssh.logger.sev_threshold=Logger::Severity::DEBUG
  ssh.forward.local(5555, 'www.google.com', 80) # works perfectly
  ssh.forward.local(4444, remote_host, 1234)    # db connection hangs up
  ssh.loop { true }
end

The port forward to google.com works fine when tested with a browser. The port forward to my linux server, where my db server is listening on port 1234, isn't working. When I try to connect to localhasot:4444 the connection hangs up. Logs:

DEBUG -- net.ssh.service.forward[24be0d4]: received connection on 127.0.0.1:4444
DEBUG -- tcpsocket[253ba08]: queueing packet nr 6 type 90 len 76
DEBUG -- tcpsocket[24bde64]: read 8 bytes
DEBUG -- tcpsocket[253ba08]: sent 100 bytes
DEBUG -- net.ssh.connection.channel[24bdcc0]: read 8 bytes from client, sending over local forwarded connection

And then nothing!

I'm using net-ssh 2.0.22 / ruby 1.8.7

Answer 1

Change the second remote_host to 'localhost'. Your database server is probably only bound to 127.0.0.1 (localhost), but your SSH forward is sending packets to your external IP address (obtained by resolving remote_host).

Ssh to the linux box and run sudo netstat -n --tcp --listen -p. For example, I see this:

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
...
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      1552/postgres

which implies postgres is only listening on 127.0.0.1 (value of Local Address). If I run the command psql -h 127.0.0.1, I can connect to my database. But if I run the command psql -h <hostname> or psql -h <my external IP>, the connection is refused.

Furthermore, if I have ssh.forward.local(4444, remote_host, 5432), I am unable to connect to my database via the port forward. But If I have ssh.forward.local(4444, 'localhost', 5432), I am able to connect.

Try this:

Net::SSH.start(remote_host, user_name, :password => password) do |ssh|
  ssh.forward.local(4444, 'localhost', 1234)
  ssh.loop { true }
end

Note that 'localhost' in this case is interpreted relative to the host to which you connected via ssh, i.e. the remote host.