SSH tunneling

Our team is taking over a new application. This application is hosted on the servers that adopt SSH tunneling for remote access. This feature I have never experienced before.

Here is a good arcticle to get started: Securing Oracle Network Traffic by Roger Schrag

My simple test succeeded:

#####  -- create the tunnel

ssh2 -l username -L 9902: remote_host:1521 remote_host


##### --  test remote connection

C:\Documents and Settings\Yu>sqlplus system@DBCONNSTRG

SQL*Plus: Release 10.2.0.1.0 - Production on Fri Feb 6 13:25:20 2009

Copyright (c) 1982, 2005, Oracle.  All rights reserved.

Enter password:

Connected to:
Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> select name from v$database;

NAME
---------
xxxx


####  My tnsname.ora entry:  I use 9902 because 1521 is for my local database lisenter

DBCONNSTRG =
   (DESCRIPTION =
      (ADDRESS_LIST =  (ADDRESS = (PROTOCOL= TCP)
                                  (HOST = 127.0.0.1)
                                   (PORT = 9902)
                        ) )
      (CONNECT_DATA = (SID = DBSIDNAME)(SERVER = DEDICATED)))

[Ed. Sep 17 2009: to make SSH tunneling work, on the server side we may want to do:
in /etc/ssh/sshd_config change AllowTcpForwarding from no to yes then recycle sshd ]