Subject Re: [firebird-support] Re: Using Firebird Through SSH
Author Alexandre Benson Smith
Maurice Ling wrote:

>Hi Alexandre,
>I've actually found another issue.
>Scenario 1: I connect to a remote server using SSH and performs port
>forwarding at the same time using "ssh -L 3050:localhost:20000 <remote
>host>". Then in that login shell, I do a "isql <database> -u <user> -p
>Scenario 2: I connect to a remote server using SSH and performs port
>forwarding at the same time using "ssh -L 3050:localhost:20000 <remote
>host>". Then on local machine, I attempt to connect to remote database
>using the SSH tunnel by "isql localhost/3050:<database> -u <user> -p
>Both scenarios allow me to connect to the remote database, no errors
>so far, and I can see the tables using "show tables;" command. The
>problem is this, when I issue commands as "select count(*) from <a
>Scenario 1 reports 6000, which is correct but
>Scenario 2 reports 0, which is wrong.
>I have no feel for what exactly is wrong... Somehow in both cases, the
>metadata is correct but the data in the database is not connected...
>Any reasons?
Hi Maurice !

I never used SSH for tunnelling (I use Zebedee) I had a look onto it,
but don't put it in practice. There was a message on this list on the
last weeks about using stunnel. Zebedee is very very easy to configure
to use with FB, there is a great tutorial written by Artur Anjos (google
for Zebedee Firebird and will find it for sure).

I don't know the syntax so cannot help you in the command line arguments:

I think you already know it, but.. :-)

unencrypted encrypted unencrypted
Cliente --------------> SSH ----------> SSH ------------> Server
(local) (remote) (remote)
(port 2250) (port 2250) (port 3050)

Lets assume cliente will connect to a SSH tunnel openned on port 2250,
and the SSH will encrypt the data and connect to the remote server on
port 2250 too, then the SSH on the remote server will decrypt the data
and forward it to another port (or another machine if it was the case).

Don't know how configure the SSH to accomplish this... but the FB
connection should be:


1.) The FB cliente should connect to the local SSH
2.) The local SSH will encrypt the data and forward to a remote SSH
3.) a remote SSH will accept the data decrypt it and forward to another
port on the same machine or to a port on a another machine

the FB client it just sent data as it was talking to a FB server
the FB Server just receive data as it was from a FB client.

I think if you can connect (and are sure that you are using the
tunneling for the connection) then the "show table" or the "select
count" should work.

Don't know what can make it return diferente data, if you have a invalid
connection you should get erros, getting erroneous data, sounds very
weird for me.. are you sure your are not connecting to a diferente
(probably local) server that has no records for that table ???

see you !


Alexandre Benson Smith
THOR Software e Comercial Ltda.
Santo Andre - Sao Paulo - Brazil