Technology Preview

Creating an SSH Tunnel using OpenSSH

From Linux, Mac OS X and most other UNIX-like systems you can initiate a tunnel using OpenSSH (the 'ssh' command which is pre-installed on most systems), and an additional tool called corkscrew.

Setting Up the Software

OpenSSH should already be available on your system. To test this, type:

$ ssh -V

You should see your OpenSSH version printed out.

Next, you should install Corkscrew - a little software that allows tunneling of SSH over HTTP proxies. Corkscrew is a required addition to OpenSSH in order to create a tunnel connection to Zend Developer Cloud Platform application containers.

Installing Corkscrew on Linux

On Linux, Corkscrew is probably available from your distribution's package repositories. For Ubuntu, Debian, Fedora, CentOS and RHEL you can simply install the 'corkscrew' package:

# aptitude install corkscrew

Or:

# yum install corkscrew

Installing Corkscrew on Mac OS X

On Mac OS X, Corkscrew is available through MacPorts. If you have MacPorts installed, simply open a Terminal window and run:

$ sudo port install corkscrew

To ensure that Corkscrew is properly installed, run:

$ corkscrew

You will see the Corkscrew usage message and version printed out.

Configuring SSH Settings

Next, you should create an OpenSSH configuration block that will tell OpenSSH how to create the tunnel, and will save the need to type long command line arguments on each connection attempt.

Using a text editor, open the file ~/.ssh/config (the file 'config' in the '.ssh' directory under your home directory). If this file does not exist, create it. At the end of the file, append the following lines:

Host phpcloud-tunnel
    User <CONTAINERNAME>
    Hostname <CONTAINERNAME>.my.phpcloud.com
    IdentityFile <PATH TO RSA KEY>
    HostKeyAlias proxytunnel.my.phpcloud.com
    ProxyCommand corkscrew %h 21653 %h %p
    # required for Zend Studio debugging
    RemoteForward 10137 127.0.0.1:10137
    # required for MySQL remote connectivity, change the local port 13306 if needed
    LocalForward 13306 <CONTAINERNAME>-db.my.phpcloud.com:3306
    ExitOnForwardFailure yes

Make sure you replace <CONTAINERNAME> with your Application Container name, and <PATH TO RSA KEY> with the path to your PEM encoded container private key. Next, save this file and close it.

Starting a Tunnel

Once you have the environment set up and configured, to start a tunnel run the following command in a terminal window:

$ ssh -N phpcloud-tunnel

If all goes well the tunnel will be establish and you should see the following message:

#######################################################################
#You have successfully connected to your container.                   #
#***Shell access is disabled for security reasons.***                 #
#You can use this connection to establish tunnels to your container.  #
#These can be used for for debugging and managing your mysql database.#
#Please see the following link for further instructions:              #
#https://my.phpcloud.com/help/ssh-tunnel-overview                     #
#######################################################################

To close the tunnel, just hit Ctrl + C - the ssh command will exit and the tunnel will be closed.

Once the tunnel is open, you can continue to debug your application using Zend Studio, or connect to your MySQL DB.

© 2011 Zend Technologies Ltd. All rights reserved