Open mysql database to access from more than localhost

Dear Friends:

Normally I use my vps to host websites. But now I have a customer that needs to host a mysql database, and access the database from a Java application. The app is installed in a few netbooks and the netbooks are travelling around the country, using different kind of connections to connect to the server (mobile connections, a wifi connection in a MC Donalds, a wifi at home, a lan at work…).

Wich is the best and more secure way to give access to this Java application to (and only to) this mysql database?

I hope you understand my bad English.

Thanks in advance,

R. Campos.

5 Replies

SSH tunneling.

Forward local port 3306 to remote port 3306, through the tunnel.

ssh -L 3306:localhost:3306 username@hostname

Tell Java app to connect to local port 3306.

Or choose any other local port.

Ok, thank you for your answer.

I will try to modify the Java app to do the tunneling, using the JSch library.

Thanks in advance.

R. Campos.

newer versions of mysql offer SSL support. IMHO better than SSH (because of the overhead of SSH).

@empoweringmedia:

newer versions of mysql offer SSL support. IMHO the better than SSH (because of the overhead of SSH).

The advantage of JSch is that the server continues to only expose SSH, your solution requires exposing a new SSL server, one more thing to worry about being exposed to the Internet.

Another way of doing this might have been through OpenVPN (or any VPN solution) then you could have firewalled the VPN so that only the MySQL port was available over it.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct