I'm trying to use ssh to connect vscode to a HPC. Unfortunately to connect I need to use a jump host which prompts for the forward connection.
ssh config
Host <JUMP_HOST_IP>
HostName <JUMP_HOST_IP>
User MYUSER
ControlMaster auto
ControlPath ~/.ssh/%r#%h:%p
Host <TARGET_IP>
Hostname <TARGET_IP>
ProxyJump <JUMP_HOST_IP>
User MYUSER
Attempting to connect then displays the prompt Enter host or service name: in the ssh output terminal but as vscode attempts to install I just get the following error: Enter host or service name: Bad format host name
Related
The process I follow to connect to my remote server is:
ssh myUserName#firstServerName
connectionKey
secondServerName
myUsername + Mypassword
After giving the connectionKey,I arrive to an "ssh bridge" which asks me on which subserver I want to connect and what is my username and password. At that point vscode directly tries to parse remote port from server output, and doesn't let me register to the secondServer.
How can I specify to vscode that it needs to connect to the second server before before doing anything else?
I recently installed https://dbeaver.io/ on a Windows PC and wish to access a database on a remote Linux server from it.
My Linux username is my_username and I also have a system user psql_user. I also have two existing PostgreSQL databases with the same name as their respective user. Typically, only the psql_user is used and is access by a php-fpm pool listening to a Unix socket and running as user psql_user, and as such have configured /var/lib/pgsql/12/data/pg_hba.conf as:
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 ident
host all all ::1/128 ident
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
With the above configuration, after ssh'ing onto the server, I can access the my_username database by executing psql and can also access the psql_user database by executing sudo -u psql_user psql and do not need to use a password for either.
But now, how to connect from the remote Windows PC?
To attempt to do so, I first created ssh keys without passphrases on the Windows PC for both my_username and psql_user and added the public key to each Linux user's authorized_keys (had to manually create /home/psql_user/ because it is a systems user). I can can successfully PuTTY to the server as either using the ssh keys.
Next, on the DBeaver connection settings SSH tab, I checked "Use SSH Tunnel", entered the username and private key location and the Test tunnel configuration successfully shows connected with the client version as SSH-2.0-JSCH-01.54 and server version as SSH-2.0-OpenSSH_7.4. I also made no changes to the Advanced portion of this tab such as local and remote hosts and ports, and have also left the "You can use variables in SSH parameters" at their default values.
Using my server IP in the main tab, Authentication "Database Native", and leave password empty, I test the connection but get The connection attempt failed. syslog reports that connection to the IP on port 5432 failed which makes sense because I am set up using Unix sockets.
So, then I change the server IP on the main tab to 127.0.0.1 (or localhost) and try again but get FATAL: Ident authentication failed for user "my_username". Okay, a little closer, but not quite there.
I think it might be because DBeaver is passing the port so I attempt to disable this part by got to the Edit Driver tab and changing jdbc:postgresql://{host}[:{port}]/[{database}] to jdbc:postgresql://{host}/[{database}], but now get Connection to 127.0.0.1:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Not sure where to go next. When I PuTTY into the Linux machine, all is good but not when connecting remotely using DBeaver, and thought it would be the same if I am using SSH to connect DBeaver to the server. How can this be accomplished?
As pointed out in the other answer, DBeaver's SSH tunnel option doesn't support sockets currently. It is always TCP port based, so only connections using the host options in pg_hba.conf can be made (I've placed a feature request for SSH socket forwarding in DBeaver).
Here's how to set up forwarding of a local TCP port to a remote Unix socket. This allows you to use peer authentication over the Unix socket, so you don't have to provide a password for the PostgreSQL role:
ssh username#dbserver.example.com -L 5555:/var/run/postgresql/.s.PGSQL.5432 -fN
While I think that ssh tunnelling can be set up to connect to a unix socket rather than a port, I don't think dbeaver offers a way to do that, so you would have to set it up separately.
Although ident should also work if your server runs the identd service. I think most linux don't do that by default, but just apt install oidentd or whatever the equiv would be on your package manager should fix that.
The easier solution would be to just change the method from ident to md5 or scram, and assign a password (which dbeaver offers to memorize).
I have a Postgres instance under the private subnet, I don't have VPN configured to connect, even it's not allowed with my Bastion ( jump node ).
Is there any way to connect it through my local machine to testing for development?
The default port is 5432.
and I have ssh access to my application server through Bastion node.
Port Forwarding is a process where you can establish a connection from your computer (on the Internet) into the Bastion server, and then forward traffic to the database.
ssh -i key.pem ec2-user#BATION-IP -L 5432:DATABASE-DNS-NAME:5432
Then, in your SQL client, connect to the database via:
localhost:5432
When the SQL client goes to port 5432 on your local computer, the SSH connection will forward that traffic to the bastion server, which will then send it to: DATABASE-DNS-NAME:5432
(You can actually use any port number locally. For example, you could create multiple forwarding connections to different databases, each on a different port.)
As you have ssh access to your application server through Bastion.
Then you may create two-level ssh tunnel proxy. As Postgres is not allowed even though Bastion node, only allowed through the application server.
1: Create a tunnel from the Application Server to the bastion node.
ssh-add ~/.ssh/id_rsa ;ssh -oStrictHostKeyChecking=no -Att -l USER_NAME BASTION IP ssh -oStrictHostKeyChecking=no -Att -l USER_NAME APP_SERVER_IP -L 5432:AWS_POSTGRESS_END_POINT:5432
(keep open this terminal)
2: Create another tunnel from Bastion to local computer:
(open new terminal )
ssh-add ~/.ssh/id_rsa ;ssh -oStrictHostKeyChecking=no -Att -l USER_NAME BASTION_IP -L 5432:localhost:5432
(keep open this terminal)
3: use localhost or 127.0.0.1 with 5432 port in the connection string (to connect from local machine) instead of Postgress endpoint.
Note: replace correct ssh key path and your user name with boldly highlighted text. and keep open both terminal open to maintain the session.
I discover Visual Studio Code Remote Development Extension Pack. I wanted to try it, but my remote is on a 2222 port.
I can correctly connect with Putty and my port 2222, same on my Linux laptop with ssh command.
What is the correct config to use Code Remote via SSH with other port ?
Thanks
Host my-remote-connection
HostName mydomain.name
User myusername
Just add Port to your config like:
Host my-remote-connection
HostName mydomain.name
User myusername
Port 2222
I'm trying to use Robomongo (or Robo 3T) under Mac to control my mongodb in the remote Ubuntu & Nginx server.
Normally, I need to ssh xxx.xx.xx.xx in a terminal with a username and a password to connect to the server. in /etc/nginx/sites-enabled/myweb.io, there is listen 443 ssl.
In Robo 3T, I tried to set up the connection with Use SSH tunnel. I tried the port number 443 or 80. But it gave me an error: Error: Resource temporarily unavailable. Error when starting up SSH session: -13. (Error #35)
Does anyone know how to fix this?
The correct setting is
1) under SSH, check User SSH tunnel, use port 22
2) and under Connection, write 127.0.0.1:27017
I've done few configurations on my Ubuntu 18 Vagrant box in order to successfully connect MongoDB remotely using Robo 3T GUI. I've explained in the following steps.
On Ubuntu server, to open mongo shell run:
$ mongo
Inside mongo shell, type following command to create new a admin user.
> use admin;
> db.createUser({user:"admin", pwd:"password", roles:[{ role: "root", db: "admin" }]});
By default mongodb is configured to allow connections only from localhost(IP 127.0.0.1). We need to allow remote connections from any ip address. The following change should only be done in your development server. Open up etc/mongod.conf file and do the following change.
# network interfaces
net:
port: 27017
bindIp: 0.0.0.0 #default value is 127.0.0.1
Also in the same mongod.conf file uncomment security option and add authorization option as shown below.
security:
authorization: enabled
Save and exit the mongod.conf file and restart mongodb server.
$ sudo servcie mongod restart
Download and install Robo 3T GUI tool.
On Robo 3T GUI, in the connection settings, you need to do few changes as shown on
below screen shots.
Enter mongodb admin database username and password which you have created earlier.
Here, I have entered my Ubuntu 18 Vagrant box ssh credentials.
Save the changes and press connect icon to see if the connection is working fine.
Connect to remote MongoDB using Roto3t
Firstly, we should check the standard URI connection scheme
for mongodb
mongodb://[username:password#]host1[:port1][,...hostN[:portN]]][/[database][?options]]
We make a SSH Connection to the remote MongoDB on Cloudfoundry
in my case
cf ssh -L port_forwarding:HOST_NAME:Port NAME_OF_APP
(1) In the Connection tab in Robo3T we choose
Type: direct connection
Name: choose_any_connection_name
Address: localhost and port is 'port_forwarding' we choose in the SSH connection we made.
(2) in the Authentication tab, we should add database, username, password, and Auth Machanism: SCRAM-SHA-1
(3) in the SSH Tab we will uncheck use SSH tunnel as we made it manually.
Now, if you click test the connection should be successfully done.
Note: If we use Studio 3T it will parse the URI and fill all these fields for us.