I recently did multiple upgrades on my Mac: the O/S to High Sierra, SQL Developer to 18.1, and then the JDK to bring it up to a level that SQL Dev requires. Naturally, I updated to the latest JDK, which is higher than SQL Dev 18.1 supports, but hey, why not?

Any time you change more than one thing, troubleshooting becomes complicated. The challenge started when I realized that by “upgrading” SQL Developer on my Mac, I actually overwrote the previous install, thereby deleting all of my connections and preferences. Sadly, this isn’t the first time I’ve done this. I don’t do a SQL Dev upgrade that often, so I forgot that it would overwrite everything.

SSH Tunnel Connections

After increasing the SQL Dev font size (my eyes aren’t what they used to be) I endeavored to recreate my connections. All went well until I tried to set up the connections that require an SSH tunnel. It allows you to encrypt SQL*Net (or any other kind of traffic) between your laptop and database (or other) server.

I’ll spare you most of the trials I attempted working through the different upgrades and provide the spoiler: it was operator error. I didn’t set up my SSH tunnel in SQL Developer correctly. I worked out how to do it years ago (using SSH without the assistance of SQL Developer). Worked it out again 18 months ago using SQL Developer. Each time I went through the same issues and errors. Like I said, when you don’t do something frequently, you forget the details. This time, though, I’m blogging about it, including the error message, so that next year when I Google the error message, I’ll find my own blog post. It’s embarrassing how often that happens. Alas, it’s not just my eyes that are getting old.

Let’s say you have a database and you want to encrypt the SQL*Net (or jdbc) traffic from the db server to the client (e.g.

This could be for a variety of reasons and there are a variety of solutions. My colleague and overall Oracle and Linux guru, Rich Soule, published a white paper with all the details of the full setup. I’m going to present the “SSH Tunnel” solution, in two flavors:

1. Use SSH command line to establish the SSH Tunnel
2. Use SQL Developer to establish the SSH Tunnel

I’m also going to include the error message you may receive if you do it incorrectly.

In SQL Developer you may see the following:

An error was encountered performing the requested operation:
IO Error: Connection reset by peer, connect lapse 73 ms., Authentication lapse 0 ms.

In SQLcl, you may see this:

Status : Failure -Test failed: IO Error: Connection reset by peer, connect lapse 3 ms., Authentication lapse 0 ms.

In both cases, you have probably fallen victim to thinking you have followed the SQL Developer help or the many blog posts about how to do this. Unfortunately, most of those, including the help, look at a simple case with only one or two machines involved. In my case, I always have at least 3 and sometimes 4 or 5 machines involved.

1. Laptop with SQLDev or SQLcl (myLaptop or “localhost”), potentially outside the firewall.
2. Firewall (insum.ca) which is port forwarding (potentially from some random port, e.g.

You might have an additional firewall between 3 & 4. Aside from more things to configure and troubleshoot, though, it doesn’t change the steps required for this blog post. Throughout this blog post, I will use the machine names above in the examples.

* If you have your firewall forward the standard SSH port (22) you will get a LOT of random hacking attempts. If you assign some non-standard port, those attacks will be greatly reduced. In most cases, the attacker will only have a chance of finding your random port by doing a port scan on your firewall and your firewall will shut it down before it makes it to the port you chose.

If there is a firewall, 3 & 4 are not visible to the outside world. If any components are collapsed (or don’t exist), you just use the appropriate machine name. So, if you are using an SSH account on your database server (which isn’t that great of an idea, unless it’s all that you have) then you’ll just configure the SSH things on your equivalent of db.insum.ca instead of on.