Set up SSH tunnel with PgAdmin 4 - ssh-tunnel

I am new to pgAdmin and to SSH tunnels. I am trying to establish a connection to a postgres DB with SSH tunnel. I am on Windows 10. I am given the following instructions (I changed all the names and ports in the below)
Add the following to your SSH config (~/.ssh/config):
Host prod
Hostname myorg.org.uk
User sshusername
IdentityFile idef.pem
LocalForward 9999 localforward.amazonaws.com:8888
Now you can tunnel your way through to PostgreSQL:
ssh -N prod
And now psql et al can connect (You must open a new Terminal window while the SSH tunnel is running):
psql -h localhost -p 9999 -U connectionusername -d dproduction
I am also given the dproduction database password for the database I am trying to connect to: dproduction_pwd
I don't understand where everything goes in pgAdmin. I did the following:
Create-Server:
Name = test
Connection:
Host Name/Address: localhost
Prot: 9999
Maintenance database: postgres
username: connectionusername
SSH Tunnel:
Tunnel host: myorg.org.uk
Tunnel post: 9999
username: sshusername
Identity file: C:\idef.pem
Password: dproduction_pwd
I must be doing something wrong, as I don't use LocalForward from the ssh config above, where does this go? putting it in Tunnel host does not work.

I managed to use SSH tunnel to access my database with Windows 10 SSH and PGAdmin SSH Tunnel. It did take a while. pgAdmin's document isn't very clear on this. Here's the difference I found:
When setting SSH tunnel with Windows 10 SSH, you need to forward a local port (9999 in your case) to the remote port (8888).
In pgAdmin, that local port is no longer needed. My guess is since it already knows you want to access which service through which tunnel, it takes care of the local port in the background. That tunnel port, in the most common cases, should be the SSH port 22.
My suggested changes to your current setting would be:
in SSH Tunnel tab, set Tunnel port to 22
in Connection tab, set Port to 8888
This should work.

Related

How to change the ssh port connection on Windows?

I am trying to connect to GitLab with an ssh key from a Windows laptop. The problem is the port of the repository has changed, and I cannot manage to change the default port 22 on the config.
I have tried with a mac laptop and it worked by editing the config file, but I cannot do the same on Windows. I created a config file with touch config and added this
Host gitlab.com
HostName gitlab.com
PreferredAuthentications publickey
IdentityFile ~/.ssh/id_rsa
Port 1122
But it does not work, terminal says it is still connecting to port 22:
C:\Users\parko>ssh -T git#gitlab.com
kex_exchange_identification: read: Connection reset
C:\Users\parko>ssh -T git#gitlab.%myRepository%.com
ssh: connect to host gitlab.%myRepository%.com port 22: Connection timed out
I also tried a solution that I found in an article to change the port directly on the command when trying to connect, but it also did not work:
C:\Users\parko>ssh -T git#gitlab.%myRepository%.com:1123
ssh: Could not resolve hostname gitlab.%myRepository%.com:1123: No such host is known.
Any idea what can be happening?
Thanks in advance.
Like #ewong said, I had to add the port with the -p parameter instead of at the end of the command
ssh -p [port number] -T git#[gitlab URL]
for me it was:
C:\Users\parko>ssh -p 1123 -T git#gitlab.%myRepository%.com

How to use an remote instance as "proxy" to ssh port

In my local network I currently can't ssh to bitbucket:
telnet bitbucket.org 22 fails.
But I can ssh to an remote ubuntu instance that can ssh to bitbucket (the command above works).
How can I configure my connectivity to make my traffic to bitbucket port (22) go through this intermediary instance?
I tried running the command below but did not work:
sudo ssh -i mykey -N -L 22:remote_instance:22 ubuntu#remote_instance (ps: remote_instance can access bitbucket with port 22).
Thanks :)

DBVisualizer Hive SSH Tunnel Ignoring Server Information

I'm attempting to setup a connection to our Hadoop cluster via DBVisualizer.
In order to connect I need to SSH into a server on the domain and then I need to run the command to a remote server (I've not ssh'd onto the Hadoop cluster directly)
I have (figuratively)
Database Server: abcd.efg
Database Port: 12345
Database: Hello
configured for the Database section
SSH Host: hijk.efg
SSH Port: 678
When I attempt a connection, it returns
Could not open client transport with JDBC Uri:
jdbc:hive2://127.0.0.1:-----
Where 127.0.0.1 and ----- appear to be the defaults instead of what I entered.
Any idea how I get the SSH tunnel to use the server configuration I specify?
The SSH Tunnel is set up locally on the client, so connecting to the port on localhost tunnels you to the SSH Host/Port, which then sets up a connection to the database server/port you have specified. This page may help:
http://confluence.dbvis.com/display/UG100/Using+an+SSH+Tunnel
Best Regards,
Hans

Vagrant port fowarding on macOS?

I'm running postgresql on a Vagrant centos 7.2 box on macOS. I have confirmed postgres is up and running on the Vagrant box on port 5432 by connecting to it using psql on the box itself. I am attempting to forward port 5432 on the Vagrant box to port 10001 on my host machine as follows:
config.vm.define "acc_db" do | acc_db |
acc_db.vm.box = "bento/centos-7.2"
acc_db.vm.hostname = "acc.db"
acc_db.vm.network :forwarded_port, guest: 5432, host: 10001
acc_db.vm.provision "shell",
inline: "yum upgrade -y -q --nogpgcheck"
acc_db.vm.provision "shell",
path: "install_postgres.sh"
I have altered my pg_hba.conf to bind to all ip addresses and allow password authentication, as below:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 0.0.0.0/0 md5
# IPv6 local connections:
host all all ::1/128 ident
I have turned off the firewall but I am still unable to connect to postgres on port 10001 on the host machine:
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.10001"?
How do I fix this so that port forwarding works?
I have seen https://gielberkers.com/fixing-vagrant-port-forwarding-osx-yosemite/ but haven't tried it as it involves touching files I'm unfamiliar with. Is it the correct approach? It looks like you have to explicitly allow every port you want to forward via Vagrant.
...connections on Unix domain socket "/tmp/.s.PGSQL.10001" means that you are not attempting a TCP/IP connection, so port forwarding cannot happen.
By default, psql use Unix domain sockets on unix-like OSes.
Use the -h option of psql to specify a host, presumably 127.0.0.1 if using IPv4.
Additionally, the PostgreSQL server must listen to the network interface to which the connection will be routed. By default, it listens only to localhost for security reasons.
Setting listen_addresses='*' in postgresql.conf makes it listen on all existing interfaces.

ssh to amazon EC2 over proxy

I have some problem connecting to my amazon EC2 server over ssh over proxy.
I have my username and password for http proxy port 8080.(dont have control over proxy)
Also I have my connection string which would work without proxy
ssh -i key.pem root#xx.compute.amazonaws.com
when I am trying to connect I am getting "No route to host" error
I tried to use putty, configured proxy + authentication file, But then I getting this error
"Unable to use this key file (OpenSSH SSH-2 private key)"
Also I dont know how putty inserts my proxy config, into ssh connection string, so I could try it in terminal
I was facing the same problem and this is what I used to connect, using corkscrew. My config file looks like this
Host AWS
Hostname <Public DNS>
Port 443
#Write the appropriate username depending on your AMI, eg : ubuntu, ec2-user
User ubuntu
IdentityFile </path to key file>
ProxyCommand /usr/bin/corkscrew 10.10.78.61 3128 %h %p
then I simply use this command to connect
ssh AWS
and it works flawlessly.
Note : You must edit your sshd_config file on the server to listen to ssh connections on port 443 (in addition to 22) and restart the ssh daemon.
Are you sure you can login as root? Try logging in as ec2-user instead.
Also, if you have assigned an elastic IP to your instance, the public DNS has probably changed. Log in to the aws console, and select your instance. Scroll down to look at the public DNS again and double check you are using the correct xx.compute.amazonaws.com addr.

Resources