Documentation

SSH Tunnel Connection

 

datapine allows a secure connection to your database using a SSH tunnel. This is required if your database is located on a private network or if you don’t want to make any changes to your firewall settings to allow datapine to connect to your data. In the following we will explain SSH connections, how to set up your server in order to connect via SSH and how to connect to datapine via SSH.

 

A SSH tunnel is a secured connection via a secure channel between two networked machines using a cryptographic network protocol or other secure network services. SSH is thereby the most common way to connect to a server securely. Every Unix-based system and even windows machines support SSH. This documentation focuses on Unix-like machines.

 

Setup your server to connect via SSH

 

To enable a secure SSH connection between your server and datapine you will need to setup a user with limited rights on your machine. We will then ask for the credentials of this user during the database connection setup process in datapine. This user should have the right to access your database and only needs port forwarding privilege, while all other functionalities can be restricted. You can now choose between two different methods to authenticate this user for the SSH connection.

 

1) Access by public key

 

To connect your server to datapine via public key you need to ensure that the public key authentication for your user is activated. Please follow these two steps to enable a SSH connection via public key:

 

a) On your server, create a file named datapine.pub and paste the following key content into your file. Please save this file to the respective user home folder.

 

ssh-rsaAAAAB3NzaC1yc2EAAAADAQABAAABAQDRkQtQQHczEXfBh0jfpngFUk1UD jFQXZxe9eLjqXm4L6GbiTU39K62JhSGjL/ilnyw5xTXzgMY2BlkH/IpHS5zTLay2B hSva6VLtqQgUzGeSeef+jflEthKF6a1ML6ysRiYDxWp40ghus/XB6p5gk7PElXy6q y0wPIPUiDEv12DTx7VY0XdGUfIb5oySdp3yjPlDm/s+VqRGhpoLafjmkVXz83GrXh Qgo7lA8cJ8YUDrZh6PlKksimOxBDlJ2pDmeYIpCm3PQJLc+swgpzJNv1s1zuEgVY5 vfgSmimJHk5wGqgR0vB69gnYKUAXrMgHwoleXCWegYX+OZmRWI3M+qP

 

b) Connect to your terminal console, open the home folder of your user and execute the following commands:

 

user_home$ mkdir .ssh –> create directory in case it doesn’t exist yet

user_home$ chmod 700 .ssh –> make ssh directory write enabled

user_home$ cat datapine.pub >> .ssh/authorized_keys  –> append our key

user_home$ chmod 600 .ssh/authorized_keys –> change it back to read only

user_home$ logout

 

c) Now your user is authorized for SSH connections.

 

2) Connect by using a password

 

This is the default authentification method when setting up a new user on your server. In this case the password authentication option should be activated and you will have to assign a password to your user, which you will need to provide during the setup process in datapine.

 

Connect to datapine via SSH

 

1. In the database connection process check the box next to Use SSH Tunneling to enable a connection via SSH. This will open a list of additional parameters of your server needed to connect to datapine via SSH.

 

ssh-connection

 

2. If you are not using the default port add the port that you are normally using when you connect to your server remotely.

 

3. Add the name of your SSH enabled user.

 

4. Provide the physical address of your SSH Host.

 

5. Select whether you want to connect your server using a public key or using a SSH password.

 

6. If you select to setup the SSH connection using a password you will be asked to provide this password now.

 

7. After you have provided the required credentials to setup a secure SSH connection please continue with the database connection process.

 

Notification: Please note that in case of SSH connected databases the provided database host in the connection process has to be the private networks IP address.