tags:

views:

165

answers:

2
+1  Q: 

How can I connect to ORACLE DB through ssh tunnel chain (double tunnel, server in company network) ?

Hi,

I have SSH access to 'public' server, which is also the gateway to company network. There is another server in the network, where local ORACLE server is running (There is no access from outside of this server, only localhost DB connections are accepted). And of course, I have another SSH access to this server.

Is there any way to join to this ORACLE server from outside of the network ? I am asking if there is something like ssh tunnel chain, and how i configure it. This can be usefull, for example, for TOAD for Oracle (ORACLE client).

EDIT: Here is image

alt text Thanks

+3  A: 

Yes, it's possible. E.g. on Linux, run

ssh -N -Llocalport:dbserver:dbport yourname@connectionserver

where

  • localport is the port on your machine which will be forwarded (can be 1521 if there is no local instance of oracle running)
  • dbserver is the name or IP of the database server
  • dbport is the port of the database (usually 1521)
  • yourname is the login on the connectionserver
  • connectionserver is the machine where you have ssh access

The same can be done on Windows using Plink (which comes with Putty):

plink -N -L localport:dbserver:dbport yourname@connectionserver

Do this on both machines (your local machine and the server you have access to) to chain the ssh tunnels. Example:

Connection server (assuming Linux):

ssh -N -L1521:dbserver:1521 dblogin@dbserver

Your PC:

plink -N -L 1521:connectionserver:1521 connlogin@connectionserver

The tnsnames.ora entry must look like you are running a local database, e.g.

prodoverssh =
  (DESCRIPTION =
    (ADDRESS_LIST =
      (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521))
    )
    (CONNECT_DATA =
      (SERVICE_NAME = prod)
    )
  )
ammoQ  2010-09-06 19:20:47
thanks, I did something like it
Michal Drozd  2010-09-08 11:59:40
A: 

Thanks!

I called ssh -N -LXXXX:server:YYYY login@server twice.

First, I called 

ssh -L 9998:127.0.0.1:9997 [email protected]

on my PC.

Then, on this server (during the SSH session), I called

ssh -L 9997:localhost:1521 [email protected]

where 192.168.105.111 is server where ORACLE was running.

So what I did is following redirection: 

1521 (COMPANY ORACLE SERVER) 
  -> 9997 (COMPANY GATEWAY SERVER)
     -> 9998 (LOCAL PC)

So I got ORACLE access in my local PC at port 9998 !

Michal Drozd  2010-09-08 11:23:05

related questions

Is there a Way to use Linq to Oracle
NHibernate and Oracle connect through Windows Authenication
Boolean Field in Oracle
How do you manage schema upgrades to a production database?
How do I deal with quotes ' in SQL
When do you use table clusters?
Oracle write to file
MS SQL Server 2008 "linked server" to Oracle : schema not showing
Develop on local Oracle instance
Resources for an Oracle beginner
What strategies have you employed to improve web application performance?
Automate Syncing Oracle Tables With MySQL Tables
Best way to encapsulate complex Oracle PL/SQL cursor logic as a view?
What Content Management does your workplace use?
What is the difference between oracle's 'yy' and 'rr' date mask?
SQL/Query tools?
How to make Pro*C cope with #warning directives?
Oracle SQL Developer not responsive when trying to view tables (or suggest an Oracle Mac client)
How big would such a database be?
Oracle - What TNS Names file am I using?
What is a good way to open large files across a WAN?
How do I find the high water mark (for sessions) on Oracle 9i
SQL Case Statement Syntax?
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?