In an upcoming project I have a two server setup: one is the application server and another, already existing runs the mysql server with databases I need to access. I contacted the server admin of the mysql server and the only way I can access the remote mysql databases is via "SSH tunnel". I have never done this before and never heard of it so far, so my question, are there any drawbacks, e. g. performance wise? Isnt it rather slow compared to directly accessing the mysql server on its default port?
For client access, it's a great recommendation as opposed to sending plaintext database traffic via the Internet. You'd also risk the authentication data. The overhead is no more than any other SSH session.
For application access, I'd recommend MySQL over SSL instead.
From the admin side, you lose the ability to restrict access per host from mysql, since mysql will see all connections from from your bounce host. You do gain more powerful authentication control options from the sshd server.
From the client side, you have to ensure that tunnel is up, when your applications needs the connection. If you need it up for a long period of time, you may have to play with ssh keepalives + running dummy applications over the ssh connection so you don't get auto-logged out.