ssh port forwarding through a pseudo terminal

Question

Here's a situation:

I do all my work on a Mac.

1. There's a certain linux server 'server01' that provides access to another linux server 'server02' via a pseudo terminal

   So, to ssh into 'server02', I do this from my mac:

   ssh -t server01 'inline server02'
   

2. Then it asks me for a password to 'server01'; I enter it and that logs me into 'server02'. Now, I am on the 'server02' terminal.

3. From 'server02' I can access the mysql database that is sitting on 'server03' using the following mysql command:

   mysql --host=server03 --port=4201 --user=myuser --password=mypass mydb
   

4. Neither 'server01' nor 'server02' or my mac have direct SSH access to 'server03'

Now, I want to access the mysql on 'server03' from my mac directly through some kind of port forwarding. So, if I type the below command on my mac terminal, it should connect me to the mysql database on 'server03':

mysql --host=localhost --port=4201 --user=myuser --password=mypass mydb

Is there a way to do that? Any help is greatly appreciated.

Answer 1

Set up a chain of forwardings. First, connect to server1 and add a forward for SSH connections to server2:

mac% ssh -f -N -L 10022:server2:22 server1

(The -f -N options will make it run in background.)

Then connect to server 2 via that forward, and add a forward for MySQL connections to server 3:

mac% ssh -f -N -L 14201:server3:4201 -p 10022 -o HostkeyAlias=server2 localhost

(You're connecting to localhost port 10022, and the earlier forward lets you reach server2. HostkeyAlias is optional, just some paranoia.)

Finally connect to server 3:

mac% mysql --host=localhost --port=14201 ...