The process I follow to connect to my remote server is:
ssh myUserName#firstServerName
connectionKey
secondServerName
myUsername + Mypassword
After giving the connectionKey,I arrive to an "ssh bridge" which asks me on which subserver I want to connect and what is my username and password. At that point vscode directly tries to parse remote port from server output, and doesn't let me register to the secondServer.
How can I specify to vscode that it needs to connect to the second server before before doing anything else?
Related
I recently installed https://dbeaver.io/ on a Windows PC and wish to access a database on a remote Linux server from it.
My Linux username is my_username and I also have a system user psql_user. I also have two existing PostgreSQL databases with the same name as their respective user. Typically, only the psql_user is used and is access by a php-fpm pool listening to a Unix socket and running as user psql_user, and as such have configured /var/lib/pgsql/12/data/pg_hba.conf as:
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 ident
host all all ::1/128 ident
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
With the above configuration, after ssh'ing onto the server, I can access the my_username database by executing psql and can also access the psql_user database by executing sudo -u psql_user psql and do not need to use a password for either.
But now, how to connect from the remote Windows PC?
To attempt to do so, I first created ssh keys without passphrases on the Windows PC for both my_username and psql_user and added the public key to each Linux user's authorized_keys (had to manually create /home/psql_user/ because it is a systems user). I can can successfully PuTTY to the server as either using the ssh keys.
Next, on the DBeaver connection settings SSH tab, I checked "Use SSH Tunnel", entered the username and private key location and the Test tunnel configuration successfully shows connected with the client version as SSH-2.0-JSCH-01.54 and server version as SSH-2.0-OpenSSH_7.4. I also made no changes to the Advanced portion of this tab such as local and remote hosts and ports, and have also left the "You can use variables in SSH parameters" at their default values.
Using my server IP in the main tab, Authentication "Database Native", and leave password empty, I test the connection but get The connection attempt failed. syslog reports that connection to the IP on port 5432 failed which makes sense because I am set up using Unix sockets.
So, then I change the server IP on the main tab to 127.0.0.1 (or localhost) and try again but get FATAL: Ident authentication failed for user "my_username". Okay, a little closer, but not quite there.
I think it might be because DBeaver is passing the port so I attempt to disable this part by got to the Edit Driver tab and changing jdbc:postgresql://{host}[:{port}]/[{database}] to jdbc:postgresql://{host}/[{database}], but now get Connection to 127.0.0.1:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Not sure where to go next. When I PuTTY into the Linux machine, all is good but not when connecting remotely using DBeaver, and thought it would be the same if I am using SSH to connect DBeaver to the server. How can this be accomplished?
As pointed out in the other answer, DBeaver's SSH tunnel option doesn't support sockets currently. It is always TCP port based, so only connections using the host options in pg_hba.conf can be made (I've placed a feature request for SSH socket forwarding in DBeaver).
Here's how to set up forwarding of a local TCP port to a remote Unix socket. This allows you to use peer authentication over the Unix socket, so you don't have to provide a password for the PostgreSQL role:
ssh username#dbserver.example.com -L 5555:/var/run/postgresql/.s.PGSQL.5432 -fN
While I think that ssh tunnelling can be set up to connect to a unix socket rather than a port, I don't think dbeaver offers a way to do that, so you would have to set it up separately.
Although ident should also work if your server runs the identd service. I think most linux don't do that by default, but just apt install oidentd or whatever the equiv would be on your package manager should fix that.
The easier solution would be to just change the method from ident to md5 or scram, and assign a password (which dbeaver offers to memorize).
Normally, when I transfer a dumped database from postgres CLI in my local machine, I can simply sftp my_user_name#my_ip remotely from postgres CLI to my local machine without any problems. However, when it comes to my remote server, this seems like I have already connected with my server via ssh connection; thus, when I sudo su - postgres to open up postgres CLI, I cannot use the same technique to
i)sftp my_user_name#my_ip. It said request Connection timed out; I think this may be because they are not in the same WiFI network connection.
ii) or even sftp ubuntu#ec2-xx-xx-xx-xxx.....amazonaws.com. It said my aws ec2 server: Permission denied (public key)
I think this may result from I have made a SSH connection already, so if i sftp again, this will duplicate with the previous SSH connection.
Any idea ?? Please help
it should be simple. I will help you here. Firstly are both machines on same network ? your first comment looks like they are not on same network or we can say they are not connected to each other hence connection timed out. on your second comment; u would need to use pem file to connect to ec2.. Please give all details ; and I will give you commands etc. needed. Also, check security group of destination server if port 22 is open.
I have little problem. I am using Putty for connection to remote server.
ssh xxx.xx.xxx.xxx
After connection and login with password, I need to use command:
ssh username#servername
After this, I can use remove server via Putty, its work fine.
Now, I am looking for solution how to connect filemanager (WinSCP). I can connect to xxx.xx.xxx.xxx and browse filesystem here, but I cannot use secont ssh command for connection to computing server filesystem. How to solve this? Can I somehow open filemanager in Putty session location?
It looks like, that the connection tunneling feature from WinSCP is what you are looking for: https://winscp.net/eng/docs/tunneling
I am trying to connect Tableau to a postgres DB using a SSH tunnel. The steps I have taken are
Install postgres drivers (32 bit) on my desktop
Create the tunnel in putty (tunnel L5432 127.0.0.1:5432) and open up the terminal
From this session I can run Postgres from the command line psql -d mydb -U myuser
However, when trying to connect using Tableau I get the error message "Invalid username and Password"
If I try to connect to a DB that doesn't exists I get the same error message "Invalid username and Password"
I have also created a psql user with superuser privileges but no success. Note that the username for the ssh tunnel and the psql db are different.
I have seen a number of posts on the forum with no solution.
Can anyone help? Thanks.
Roger
I met with the same question, with slight difference, I didn't use PuTTY but instead using Cygwin Autossh.
The answer is that two tunnels need to be built, first an ssh tunnel from local host to server, and then from the server port to the database port. A possible solution is to set up ssh tunnel like this:
5432:localhost:5432 username#hostserverdomain
The first 5432 is the local port(Tableau or PGAdmin), the second localhost actually refers to the server(cuz once log in localhost means the server itself), the second 5432 is the database on the server. And in order to get access to the database, one has to log in the server.
The above is just the syntax to connect thru two tunnels using ssh.
At first I didn't understand what Roger means by two tunnels, and then I look into the underlying methodology and finally got all the setup work done. Thanks Roger!
I received this error when trying to establish an SSH tunnel using pgAdmin3
I specified the private key location on my local machine (had to
enable hidden files on my Mac finder to see it),
entered the tunnel
host (used public host IP) and
checked the 'Identity file' option.
I don't have a password set on my key.
Received this error:
Authentication by identify file failed with error code -18
What am I doing wrong (or what do I need to do differently)?
I was getting this continously on windows (VM).
So I decided pgAdmin's built in ssh tunnel was no good and just used gSTM (On linux).
Forwarding the port from the remote server 5432 to local host 5555 worked.
Then I could just use pgAdmin III on Linux to connect.
You could probably use command line like this if you don't want to use a graphical tool such as gSTM.
ssh -fNg -L 5555:localhost:5432 {your_username}#{yourdomain.com}
Source: http://dustindavis.me/ssh-tunnel-in-pgadmin3-for-postgresql/
You can also use putty on windows to forward ports.
See Connection | SSH | Tunnels menu in the PuTTY Configuration.
http://www.akadia.com/services/ssh_putty.html
Then you can access it.
Of course be very carefull messing about in a remote database.
It is a good idea to label them a red or orange colour in pgAdmin to easily identify the ones that are not on your local network.