I have SSH access to 'public' server, which is also the gateway to company network. There is another server in the network, where local Oracle Database server is running (There is no access from outside of this server, only localhost DB connections are accepted). And of course, I have another SSH access to this server.
Is there any way to join to this Oracle Database 11g Server from outside of the network ? I am asking if there is something like ssh tunnel chain, and how i configure it. This can be usefull, for example, for TOAD for Oracle (ORACLE client).
EDIT: Here is image
Thanks
Yes, it's possible. E.g. on Linux, run
ssh -N -Llocalport:dbserver:dbport yourname@connectionserver
where
- localport is the port on your machine which will be forwarded (can be 1521 if there is no local instance of oracle running)
- dbserver is the name or IP of the database server
- dbport is the port of the database (usually 1521)
- yourname is the login on the connectionserver
- connectionserver is the machine where you have ssh access
The same can be done on Windows using Plink (which comes with Putty):
plink -N -L localport:dbserver:dbport yourname@connectionserver
Do this on both machines (your local machine and the server you have access to) to chain the ssh tunnels. Example:
Connection server (assuming Linux):
ssh -N -L1521:dbserver:1521 dblogin@dbserver
Your PC:
plink -N -L 1521:connectionserver:1521 connlogin@connectionserver
The tnsnames.ora entry must look like you are running a local database, e.g.
prodoverssh =
(DESCRIPTION =
(ADDRESS_LIST =
(ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
)
(CONNECT_DATA =
(SERVICE_NAME = prod)
)
)
Thanks!
I called ssh -N -LXXXX:server:YYYY login@server twice.
First, I called
ssh -L 9998:127.0.0.1:9997 login@gate.company.cz
on my PC.
Then, on this server (during the SSH session), I called
ssh -L 9997:localhost:1521 root@192.168.105.111
where 192.168.105.111 is server where ORACLE was running.
So what I did is following redirection:
1521 (COMPANY ORACLE SERVER)
-> 9997 (COMPANY GATEWAY SERVER)
-> 9998 (LOCAL PC)
So I got ORACLE access in my local PC at port 9998 !
you can add as well the -f option which run the ssh command in the background.
来源:https://stackoverflow.com/questions/3653788/how-can-i-connect-to-oracle-database-11g-server-through-ssh-tunnel-chain-double