current community

your communities

more stack exchange communities

Stack Exchange
tour help
careers 2.0
Take the 2-minute tour ×
Stack Overflow is a question and answer site for professional and enthusiast programmers. It's 100% free, no registration required.
up vote 0 down vote favorite
1

How would I connect to my VPS based MySQL database remotely (from a cloud based app) using the Ruby Net::SSH or Net::SSH::Gateway gems and key, not password, authentication?

And then connect to the database with Sequel or DataMapper. I'm assuming that after I manage to get the SSH connection working, I would just setup a Sequel/DM connection to 'sql_user@localhost:3306/database'.

I did locate a couple of similar question here, but they all use password authentication, not keys, and only demonstrate executing raw commands to query the database.

UPDATE: I just cannot seem to get this (Net::SSH with key manager) to work.

UPDATE2: Alright I have managed to get authorization when logging in from a computer that has authorized keys stored in the users local .ssh folder, with the following (port is my custom SQL port on the VPS):

 sql_gate = Net::SSH::Gateway.new('192.xxx.xxx.xx','sqluser', port: 26000)

However, I will not be able to create a .ssh folder in the app's VM, so I need to somehow pass the path and filename (I will be creating a public key just for SQL access for specified user) as an option ... but haven't been able to figure out how.

UPDATE: Just need to figure out DataMapper access now. Current code being tested (remote_user_sql is my Ubuntu user, sql_user is the MySQL database user with localhost/127.0.0.1 privileges):

require 'net/ssh/gateway'
require 'data_mapper'
require 'dm-mysql-adapter'

class User
  include DataMapp......
  .
  .
end

ssh_gate = Net::SSH::Gateway.new('192.n.n.n','remote_user_sql', {port: 25000, keys: ["sql_rsa"], keys_only: true})

port = ssh_gate.open('localhost',3306,3307)
  child = fork do
    DataMapper.setup(:default, {
      adapter: 'mysql',
      database: 'sql_test',
      username: 'sql_user',
      password: 'passwd',
      host: 'localhost',
      port: port})
    DataMapper.auto_upgrade!
    exit
  end
  puts "child: #{child}"
  Process.wait

ssh_gate.close(port)
share|improve this question
    
It seems there is a KeyManager method in the Net::SSH gem (net-ssh.github.io/net-ssh/classes/Net/SSH/Authentication/…), but I cannot determine how to implement it properly. –  Gus Shortz Apr 22 '13 at 7:35
    
Ok, I think I found the answer, and will add it here once I've verified it works. It seems that Net::SSH::Gateway takes all the options that Net::SSH does, so you can use keys: ["/path/to/my_rsa"] to specify private key file and its location (note that it must be an array). This combined with the Net:SSH:Gateway open method to forward a local port to 3306 on remote. –  Gus Shortz Apr 25 '13 at 17:32
add comment

1 Answer

up vote 0 down vote accepted

My solution, in two parts:

Well I have figured how to make the Net::SSH::Gateway gem using a specified keyfile, and then connect to the VPS through ssh via a port other than 22:

Part 1: Net::SSH::Gateway key authentication

First you must generate the keyfiles you want to use, copy the .pub to the remove server and append it to the ~/.ssh/authorized_keys file (cat sql_rsa.pub >> authorized_keys), and then make sure user_sql (the user I created on the VPS to be used only for this purpose) has been added to AllowUsers list in sshd_config. Make note of port used for ssh (25000 for this example) and use the following code to establish the connection:

ssh_gate = Net::SSH::Gateway.new('192.n.n.n','user_sql', {port: 25000, keys: ["sql_rsa"], keys_only: true})

That will read the keyfile sql_rsa in the same directory as script file, then create a new ssh gateway for 'user_sql'@'192.n.n.n' on port 25000.

I can successfully execute raw shell commands on the remove VPS with:

ssh_gate.exec("ls -la")

To close:

ssh_gate.shutdown!

Unfortunately I am still having problems using DataMapper (do-mysql-adapter) to use the gateway. I will update this answer if I figure that part out, but at least the first half of the problem has been solved.

These are the errors that DataMapper::Logger has reported:

When 127.0.0.1 was used:

Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) (code: 2002, sql state: HY000, query: , uri: )

When localhost was used:

Access denied for user 'user_sql'@'localhost' (using password: YES) (code: 1045, sql state: 28000, query: , uri: )

When the VPS hostname was used:

Unknown MySQL server host 'hostname' (25) (code: 2005, sql state: HY000, query: , uri: )

UPDATE (No success yet): So far the only way I can access the remote MySQL database is by using Net::SSH::Gateway to establish a gateway, and then use the .sshmethod to open a new Net::SSH connection over that gateway, like so:

ssh_gate.ssh('192.n.n.n','user_sql',{port: 25000, keys: ["sql_rsa"], keys_only: true}) do |ssh|
    ssh.exec("mysql -u sql_user -p'passwd' -h localhost -P 3306 -e 'SELECT DATABASE();'")
end

In other words, I can only execute SQL commands using the mysql command line. I cannot figure out how to get Sequel or DataMapper to use the gateway to connect.

Part 2: DataMapper/Sequel/mysql2 connection through Net::SSH::Gateway

Make sure your MySQL server is bound to 127.0.0.1 in /etc/mysql/my.cnf, setup your connection - DataMapper example:

DataMapper.setup(:default, {
  adapter: 'mysql',
  database: 'DATABASE',
  username: 'username',
  password: 'passwd',
  host: '127.0.0.1',
  port: 3307}) # local port being forwarded via Net::SSH:Gateway

Followed by any class table definitions and DataMapper.finalize if required. Note that DataMapper doesn't actually connect to the remote MySQL server until either an auto_upgrade!, auto_migrate!, or query is executed, so no need to create the forwarded port yet.

Then create a new Net::SSH::Gateway, and then whenever you need DataMapper/Sequel to access the remote database, just open a port for the process, like so:

port = ssh_gate.open('127.0.0.1',3306,3307)
  child = fork do
    DataMapper.auto_upgrade! # DM call that accesses MySQL server
    exit
  end
  Process.wait
ssh_gate.close(port)

You may want to put the Net::SSH::Gateway/.open code in a begin..ensure..end block, ensure'ing the port closure and gateway shutdown.

I had to use a fork and Process.wait to establish the connection, without it the method just hangs.

share|improve this answer
add comment

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.