Re: ssl tunneling in postgres 8.1 - Mailing list pgsql-novice

From Tom Lane
Subject Re: ssl tunneling in postgres 8.1
Date
Msg-id 7363.1227117411@sss.pgh.pa.us
Whole thread Raw
In response to Re: ssl tunneling in postgres 8.1  ("P Kapat" <kap4lin@gmail.com>)
Responses Re: ssl tunneling in postgres 8.1
List pgsql-novice
"P Kapat" <kap4lin@gmail.com> writes:
> The suggested commands are:

> client$ ssh -L 3333:foo.com:5432 joe@foo.com
> client$ psql -h localhost -p 3333 postgres

> They are just INCOMPLETE, half-baked mess :( In fact, they are simply
> wrong!

They're not wrong.  There's still something funny about your setup
if that doesn't work ... and I'm afraid Regina's suggestion of a
reverse channel is just nonsense.

> The correct commands are (at least the ones that worked in my case):

> client$ ssh -R 5432:localhost:3333 -L 3333:localhost:5432 joe@foo.com

The -R switch is useless here.  The important point AFAICT is that you
used localhost rather than foo.com in the -L switch.  That name is being
evaluated at the remote end.  What I suppose is happening is that the
Postgres server is configured to listen to 127.0.0.1 (ie, "localhost")
but not its external IP address (whatever "foo.com" resolves as).
If you don't want to change that then "localhost" is the correct thing
to be using.

            regards, tom lane

pgsql-novice by date:

Previous
From: "P Kapat"
Date:
Subject: Re: ssl tunneling in postgres 8.1
Next
From: Mark Wimer
Date:
Subject: Re: connecting /sharing tables across databases