Dear MySQL Connector/NET community,

We are proud to announce that version 8.0.17 is introducing support for SSH tunneled connections through the classic MySQL protocol and X Protocol. SSH enables the creation of secure encrypted connections between the local and a remote computer allowing services or components to be accessed, MySQL Server in this case. With SSH tunneling, users can connect to a MySQL Server from behind a firewall when the server port is blocked. The server doesn’t require any additional configuration for this type of connection and continues to work as usual.

Users can also add an extra layer of security by making use of SSL over SSH connections, which brings us to the second announcement. Connector/NET previously included support for SSL connections via PFX certificates, which are exclusive to Windows. However, now the support for SSL …

We have been using SSH all the time but not all people really understand the files we put inside the ~/.ssh folder on our computer. It was a myth to me when I was first using SSH, but things are pretty clear to me now and I want to share this with all of you, just in case you don't know.

known_hosts

This file is responsible for verifying the host we have connected to. If it was the first time you connect to a host, you would probably see the following message:

The authenticity of host 'example.com (10.0.0.0)' can't be established.
RSA key fingerprint is    SHA256:VqgUG8v+gxrigR1csELYv6Un6l7HxMgPgMj9wyUr7G4.
Are you sure you want to continue connecting (yes/no)?

The moment you select yes to continue connecting, the hostname along with the public key of the server will be saved as a new line in this file. Why we need this file? Just imagine that for some reason our routing has …

Another post on Ansible over on the codecentric blog: Jinja2 for better Ansible playbooks and templates linked here for your convenience :)

On the company blog I published a post about our experience with Ansible today.

It is no shoot out between different automation tools, but rather a collection of Ansible basics and our experience with it so far. Soon another post will follow about dynamically generated inventories for OpenStack virtual environments.

You can find it here: codecentric blog: Ansible: Simple, yet powerful automation.

Over on the codecentric blog I published an article on SSH Two-Factor Authentication with Duo Security. You are welcome to check it out.

This is the second part of two series of blog posts to setup a SSH connection on Windows from scratch. The first part can be found here.
This article describes in step by step fashion a guide on how to create and configure a SSH Tunnel with port forwarding to a remote MySQL server running FreeSSHd on Windows using Putty locally.

This article describes in step by step fashion a guide on how to install and configure a SSH server in a MySQL server running on Windows using FreeSSHd. 

SSH tunnels provide a very effective means to access remote services and applications. Not only does it provide encryption of data between hosts, but it allows you to route connections between a sequence of servers, thus chaining connections. A common use of this method is to provide encrypted connections to MySQL servers so that user accounts can be limited to only “localhost” privileges, yet accessed from remote workstations without having to run MySQL+SSL.

The concept is simple, for example let’s say you have three servers: localhost (your workstation in America), a server in Europe, and a server in Japan. You want to access Apache running on port 80 on the Japan server but because of firewall restrictions you cannot access port 80 remotely, and to make things more difficult the Japan server only allows SSH connections from the Europe server’s IP. We can solve this by creating a SSH tunnel that forwards localhost port 8080 …

A special extended edition of Tech Messages for 2011-09-21 through 2012-05-11:

• Understanding Linux CPU Load - when should you be worried?
• Performance Testing - Load Balancer SSL Stress Testing
  This is a great simple test. Thanks, Corey!
• Mosh: the mobile shell
• Twitter open sources its MySQL secret sauce
• Lab Overview
  This guy is serious about his lab!

I’ve been playing around with some quick system automation scripts that are handy to use when you don’t want / need to setup a chef or puppet action. I like to keep all of my hostnames and login details in a MySQL database (a cmdb actually) but for this example we’ll just use a couple of nested lists. This script executes commands in parallel across the hosts you choose in the menu system via the “pdsh” command, so make sure you have that installed before running. Alternately you can change the command call to use ssh instead of pdsh for a serialized execution, but that’s not as fun or fast. With some customizations here and there you can expand this to operate parallelized jobs for simplifying daily work in database administration, usage reporting, log file parsing, or other system automation as you see fit. Here’s the code. Comments welcome as always!

#!/usr/bin/env python
## NAME: menu_parallel_execution.py
## DATE: …