Hi Paul!

Thanks!

I'll try this idea.

[]

Leo


On Mon, May 13, 2013 at 7:21 PM, Paul Ebermann <Paul-Ebermann@gmx.de> wrote:
Leonardo K. Shikida skribis:
> I would like to use JSch to create a secure tunnel to the target host
> and use this tunnel to transport bytes for a mysql connection. But I
> would not like that this tunnel would be accessible from any other user
> logged in the same machine.
>
> Is that feasible?


From the JSch side, jes.

Don't use the port forwarding functions (which create local sockets),
but start a direct-tcp channel, and write/read from its pair of Streams.

I used this to tunnel a JSch connection through an JSch connection.
http://sourceforge.net/apps/mediawiki/jsch/index.php?title=ProxySSH


The problem now is: How do we tell the JDBC driver to use the tunnel
instead of opening a new Socket?

It looks like there is a socketFactory configuration property for the
MySQL JDBC driver:
http://dev.mysql.com/doc/refman/5.1/en/connector-j-reference-configuration-properties.html

Though that property provides the class name, not an object, so you'll
have to pass your JSch Session through a static or thread-local static
variable to that class. Not optimal. Complain to MySQL so they provide a
method to configure that using objects instead of class names.

In the Socket factory's connect() method you'll then have to create an
instance of a custom subclass of Socket whose 'getInputStream' and
'getOutputStream' methods return the streams from the Channel.


Good success
PaĆ­lo


------------------------------------------------------------------------------
AlienVault Unified Security Management (USM) platform delivers complete
security visibility with the essential security capabilities. Easily and
efficiently configure, manage, and operate all of your security controls
from a single console and one unified framework. Download a free trial.
http://p.sf.net/sfu/alienvault_d2d
_______________________________________________
JSch-users mailing list
JSch-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jsch-users