SSH Tunneling
How to connect to databases using SSH tunneling
Introduction
SSH tunneling is a method used to connect to databases that are behind a firewall. This method allows you to connect to a database server through an SSH server. This is useful when you need to access a database that is not directly accessible from your local machine.
Setup SSH tunneling
Let’s imagine the following scenario:
- You have a managed PostgreSQL database running on a private network that is not directly accessible from the internet.
- You have a server that is accessible from the internet and has SSH access to the managed database. The public DNS of this server is
server.acme.com. And the server can connect to the managed database using the private DNSdatabase.acme.com. - You want to connect to the managed database from your local machine.
In this scenario, you can use SSH tunneling to connect to the managed database through the server that has SSH access to the managed database. To do so, run the following command from a terminal:
In this command:
ssh: Is the command to initiate SSH-L 5432:database.acme.com:5432: Sets up the port forwarding. It forwards your local port 5432 to port 5432 on the RDS instance. Replacedatabase.acme.comwith the actual endpoint of your RDS database.{SERVER_USERNAME}@server.acme.com: Replaceserver.acme.comwith the public IP address or DNS of your server. Replace{SERVER_USERNAME}with the username you use to connect to the server. This command assumes password-based authentication and will prompt you to enter the password for the username. Refer to ssh’s documentation if you need to use a different authentication method.
After running this command, you can connect to the managed database from your local machine as if it were running on localhost:5432. For example, when configuring your Latitude source file, you would use the following settings: