--- In firebird-support@yahoogroups.com, Alexandre Benson Smith
<iblist@t...> wrote:

> Maurice Ling wrote:
>
> >
> >
> >
> >Hi Alexandre,
> >
> >I've actually found another issue.
> >
> >Scenario 1: I connect to a remote server using SSH and performs port
> >forwarding at the same time using "ssh -L 3050:localhost:20000 <remote
> >host>". Then in that login shell, I do a "isql <database> -u <user> -p
> ><password>".
> >
> >Scenario 2: I connect to a remote server using SSH and performs port
> >forwarding at the same time using "ssh -L 3050:localhost:20000 <remote
> >host>". Then on local machine, I attempt to connect to remote database
> >using the SSH tunnel by "isql localhost/3050:<database> -u <user> -p
> ><password>".
> >
> >Both scenarios allow me to connect to the remote database, no errors
> >so far, and I can see the tables using "show tables;" command. The
> >problem is this, when I issue commands as "select count(*) from <a
> >table>;",
> >Scenario 1 reports 6000, which is correct but
> >Scenario 2 reports 0, which is wrong.
> >
> >I have no feel for what exactly is wrong... Somehow in both cases, the
> >metadata is correct but the data in the database is not connected...
> >
> >Any reasons?
> >
> >Cheers
> >Maurice
> >
> >
> >
> Hi Maurice !
>
> I never used SSH for tunnelling (I use Zebedee) I had a look onto it,
> but don't put it in practice. There was a message on this list on the
> last weeks about using stunnel. Zebedee is very very easy to configure
> to use with FB, there is a great tutorial written by Artur Anjos

(google

> for Zebedee Firebird and will find it for sure).
>
> I don't know the syntax so cannot help you in the command line

arguments:

>
> I think you already know it, but.. :-)
>
> unencrypted encrypted unencrypted
> Cliente --------------> SSH ----------> SSH ------------> Server
> (local) (remote) (remote)
> (port 2250) (port 2250) (port 3050)
>
> Lets assume cliente will connect to a SSH tunnel openned on port 2250,
> and the SSH will encrypt the data and connect to the remote server on
> port 2250 too, then the SSH on the remote server will decrypt the data
> and forward it to another port (or another machine if it was the case).
>
> Don't know how configure the SSH to accomplish this... but the FB
> connection should be:
>
> localhost/2250:my_db
>
> 1.) The FB cliente should connect to the local SSH
> 2.) The local SSH will encrypt the data and forward to a remote SSH
> 3.) a remote SSH will accept the data decrypt it and forward to another
> port on the same machine or to a port on a another machine
>
> the FB client it just sent data as it was talking to a FB server
> the FB Server just receive data as it was from a FB client.
>
> I think if you can connect (and are sure that you are using the
> tunneling for the connection) then the "show table" or the "select
> count" should work.
>
> Don't know what can make it return diferente data, if you have a

invalid

> connection you should get erros, getting erroneous data, sounds very
> weird for me.. are you sure your are not connecting to a diferente
> (probably local) server that has no records for that table ???
>
>
> see you !
>
> --
>
> Alexandre Benson Smith
> Development
> THOR Software e Comercial Ltda.
> Santo Andre - Sao Paulo - Brazil
> www.thorsoftware.com.br

I've revisited this problem again and realised something. The remote
server (FB server) is listening on port 3050, not any others. So, the
local port can be any unused port but the remote port must be 3050.

As such, I've managed to get connected using this:

ssh <any local port>:localhost:3050 <user name>@<remote server>

e.g
ssh 3000:localhost:3050 dumb@...

Then, connect through isql with:

isql localhost/<local port>:<path to database on remote server> -user
<user name> -password <user password>

e.g.
isql localhost/3000:/home/dumb/test.fdb -user dumb -password dumb

It works.

maurice