connecting vs code to gcp cloudshell via ss - visual-studio-code

I'm trying to connect vscode to cloud shell through ssh. I found the following article https://medium.com/#alex.burdenko/vs-code-happens-to-be-my-favorite-code-editor-and-ive-been-lucky-to-participate-so-many-diverse-952102856a7a. I followed all the steps and I'm able to ssh via the command line. However when I try to ssh via vscode I get an error.
This is what I have specified in the config file
Host tmp_user#35.186.145.21
Port 6000
ForwardAgent yes
HostName tmp_user#35.186.145.21
User tmp_user
IdentityFile ~/.ssh/google_compute_engine
When I execute gcloud alpha cloud-shell ssh --dry-run I get the following
/user/bin/ssh -t -p 6000 -i /home/tmpus/.ssh/google_compute_engine -o StrictHostKeyChecking=no tmp_user#35.186.145.21 -- DEVSHELL_PROJECT_ID=myprj 'bash -l'

Google's Cloud Code extension for VS Code should automatically connect you to Cloud Shell via SSH. You can use one of the documented links here to automatically install the extension and open a sample or you can install Cloud Code directly from the marketplace and utilize the command palette (ctrl/cmd-shift-p) to run Cloud Code: Open in Cloud Shell.... This will also create the requisite entry in your host file but please keep in mind that IPs, host names, etc are temporary and only valid while the instance of your Cloud Shell session is live. This is likely the reason your connection fails with access is denied.

Remove "tmp_user#" from the HostName field.
Try this:
Host tmp_user#35.186.145.21
Port 6000
ForwardAgent yes
HostName 35.186.145.21
User tmp_user
IdentityFile ~/.ssh/google_compute_engine

When you create cloud shell with
gcloud cloud-shell ssh --authorize-session --dry-run
In the answer you have something like this:
/usr/bin/ssh -t -p 6000 -i /home/tmp_user/.ssh/google_compute_engine -o StrictHostKeyChecking=no tmp_user#35.186.145.21 -- DEVSHELL_PROJECT_ID=XXXXXXXX 'bash -l'
So you add StrictHostKeyChecking parameter (UserKnownHostsFile /dev/null because it's temporary).
Your config file is like this:
Host tmp_user#35.186.145.21
Port 6000
ForwardAgent yes
HostName 35.186.145.21
User tmp_user
StrictHostKeyChecking no
UserKnownHostsFile /dev/null
IdentityFile ~/.ssh/google_compute_engine

Related

SSH via WSL in VSCODE to specific port

Referring to this thread Can I ssh from WSL in visual studio code?
I'm able to ssh on port 22 but is there a way to specify a port via WSL also?
my config:
Host IP
HostName IP
ForwardAgent yes
Port 2222
my ssh.bat
C:\Windows\system32\wsl.exe bash -ic 'ssh %*'
however it's not connecting with the following errors
[11:01:27.830] "install" terminal command done
[11:01:27.831] Install terminal quit with output: error: unknown command: bash
[11:01:27.832] Received install output: error: unknown command: bash
[11:01:27.833] Failed to parse remote port from server output
[11:01:27.834] Resolver error: Error:
I see the obvious command: bash error but I have multiple connections using this ssh.bat so reluctant to mess with it.
Any ideas would be helpful thanks!

How to connect to windows postgres Database from WSL

I'm running Postgres 11 service on my Windows computer.
How can I connect to this database from WSL?
When I try su - postgres:
postgres#LAPTOP-NQ52TKOG:~$ psql
psql: could not connect to server: No such file or directory
Is the server running locally and accepting
connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"
It's trying to connect to a Postgres in WSL. I don't want to run Ubuntu Postgres using:
sudo /etc/init.d/postgresql start
WSL2 assigns IP address to the Windows host dynamically and the IP addresses can change without even rebooting Windows (see Notes below). So to reliably connect we'll need to:
Allow Windows and Postgres to accept connections from the WSL2 IP address range (not allowed by default)
From WSL2, determine the Windows/Postgresql host's IP address (which is dynamic) when connecting via psql. We'll make this convenient via .bashrc and alias.
Unfortunately I couldn't find the exact specification for the WSL2 IP address range. From several tests/reboots it appears that WSL2 is assigning IP addresses primarily in range of 172.*.*.* but I have occasionally been assigned 192.*.*.* so we'll use these when configuring the firewall and Postgres.
Add Windows Firewall Inbound Port Rule for WSL2 IP Addresses:
Open Windows Defender Firewall with Advanced Security
Click New Rule...
Select Port for rule type
Select TCP and for Specific local ports enter 5432
Select Allow the connection. Connecting from WSL2 won't be secure so don't select the secure option
Select at least Public. Can select Domain and Private as well. I could only connect if Public was selected
Name the rule e.g. Postgres - connect from WSL2 and create it
Right click newly created rule and select Properties then click on the Scope tab
Under Remote IP address, select These IP addresses then click Add... and enter range 172.0.0.1 to 172.254.254.254
Repeat step 9 for IP address range 192.0.0.1 to 192.254.254.254
Click Apply then OK
Make sure rule is enabled
Configure Postgres to Accept Connections from WSL2 IP Addresses
Assuming a default install/setup of Postgresql for Windows the following files are located under C:\Program Files\PostgresSQL\$VERSION\data
Verify that postgresql.conf has following set:
listen_addresses = '*'
This should already be set to '*' so nothing do here.
Update pg_hba.conf to allow connections from WSL2 range e.g. for Postgresl 12:
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 172.0.0.0/8 md5
host all all 192.0.0.0/8 md5
For Postgresql 13+ you should use scram-sha-256 as the method.
Restart Postgres for changes to take effect. This can be done either from the Windows Services app or from cmd with Administrator privileges e.g. for Postgresql 12:
net stop postgresql-x64-12
net start postgresql-x64-12
WSL Shell Conveniences
In WSL, add following to your ~/.bashrc or similar:
# Add DNS entry for Windows host
if ! $(cat /etc/hosts | grep -q 'winhost'); then
echo 'Adding DNS entry for Windows host in /etc/hosts'
echo '\n# Windows host - added via ~/.bashhrc' | sudo tee -a /etc/hosts
echo -e "$(grep nameserver /etc/resolv.conf | awk '{print $2, " winhost"}')" | sudo tee -a /etc/hosts
fi
Then reload your .bashrc changes: source ~/.bashrc
Usage
psql -h winhost -p 5432 -U postgres
Notes:
The IP address assigned to the Windows host by WSL2 is not the same as the IP address assigned to your physical Windows machine on your network. WSL2 uses vEthernet connections.
You can inspect the vEthernet connections via Control Panel\Network and Internet\Network Connections
Note that when looking at the IPv4 properties that the IP addresses will appear as if they are statically set but they aren't! Try rebooting and inspecting IPv4 properties again
If one day you're unable to connect to Postgres, check that winhost is in the IP address range per firewall rules. Could be WSL has assigned an IP address that we weren't expecting!
In WSL2 you need to use host IP to connect
to get host IP
grep nameserver /etc/resolv.conf | awk '{print $2}'
then you need to allow TCP 5432 inbound Rules in 'Windows Defender Firewall with Advanced Security'
I made my self PS.you still need to allow TCP 5432 in Firewall
put this in ~/.bashrc
cat /etc/hosts | grep 172.; test $? -eq 0 && $1 || echo -e "$(grep nameserver /etc/resolv.conf | awk '{print $2, " host"}')\n$(cat /etc/hosts)" | sudo tee /etc/hosts
its append host IP to /etc/hosts if not exist before(usually happened when restart wsl or computer)
then
psql -h host -p 5432 -U postgres
Specify your host, port, and username explicitly
For example:
psql -h 127.0.0.1 -p 5432 -U postgres
For me what worked was to follow these steps:
Change pg_hba.conf to listen on all interfaces: host all all 0.0.0.0/0 trust
Open firewall for postgresql
Use one of the hostnames in /etc/hosts that pointed to the ip of my host. This hostname for me was: host.docker.internal
This issue can be fixed in two possible ways
Specify the host and user name explicitly
psql -h localhost -U postgres
Or
Navigate to the runpsql.sh file and run the query
/Library/PostgreSQL/14/scripts/runpsql.sh
Now run the psql query by entering password (if needed)

"psql: could not connect to server: Connection refused" Error when connecting to remote database

I am trying to connect to a Postgres database installed in a remote server using the following command:
psql -h host_ip -U db_username -d db_name
This is the error that occurs:
psql: could not connect to server: Connection refused
Is the server running on host "<host_ip>" and accepting
TCP/IP connections on port 5432?
Postgres installed version is 9.4.
Host operating system: Ubuntu 15.04
Client operating system: Centos 7
I already tried the following but the issue remains unresolved:
Edited pg_hba.conf file to include
host all all 0.0.0.0/0 md5
Edited 'postgresql.conf' and changed the listen parameter to
listen_addresses='*'
Restarted Postgres service.
Disabled firewall and iptables on host and client.
I checked by running the psql command locally and it worked.
I tried the second solution given in this question. Running nmap gave me the following output:
Starting Nmap 6.47 ( http://nmap.org ) at 2015-09-07 18:08 IST Nmap scan report for 10.17.250.250 Host is up (0.0000040s latency). Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 80/tcp open http
Am I missing something? Hope someone can help.
cd /etc/postgresql/9.x/main/
open file named postgresql.conf
sudo vi postgresql.conf
add this line to that file
listen_addresses = '*'
then open file named pg_hba.conf
sudo vi pg_hba.conf
and add this line to that file
host all all 0.0.0.0/0 md5
It allows access to all databases for all users with an encrypted password
restart your server
sudo /etc/init.d/postgresql restart
Check the port defined in postgresql.conf. My installation of postgres 9.4 uses port 5433 instead of 5432
I have struggled with this when trying to remotely connect to a new PostgreSQL installation on my Raspberry Pi. Here's the full breakdown of what I did to resolve this issue:
First, open the PostgreSQL configuration file and make sure that the service is going to listen outside of localhost.
sudo [editor] /etc/postgresql/[version]/main/postgresql.conf
I used nano, but you can use the editor of your choice, and while I have version 9.1 installed, that directory will be for whichever version you have installed.
Search down to the section titled 'Connections and Authentication'. The first setting should be 'listen_addresses', and might look like this:
#listen_addresses = 'localhost' # what IP address(es) to listen on;
The comments to the right give good instructions on how to change this field, and using the suggested '*' for all will work well.
Please note that this field is commented out with #. Per the comments, it will default to 'localhost', so just changing the value to '*' isn't enough, you also need to uncomment the setting by removing the leading #.
It should now look like this:
listen_addresses = '*' # what IP address(es) to listen on;
You can also check the next setting, 'port', to make sure that you're connecting correctly. 5432 is the default, and is the port that psql will try to connect to if you don't specify one.
Save and close the file, then open the Client Authentication config file, which is in the same directory:
sudo [editor] /etc/postgresql/[version]/main/pg_hba.conf
I recommend reading the file if you want to restrict access, but for basic open connections you'll jump to the bottom of the file and add a line like this:
host all all all md5
You can press tab instead of space to line the fields up with the existing columns if you like.
Personally, I instead added a row that looked like this:
host [database_name] pi 192.168.1.0/24 md5
This restricts the connection to just the one user and just the one database on the local area network subnet.
Once you've saved changes to the file you will need to restart the service to implement the changes.
sudo service postgresql restart
Now you can check to make sure that the service is openly listening on the correct port by using the following command:
sudo netstat -ltpn
If you don't run it as elevated (using sudo) it doesn't tell you the names of the processes listening on those ports.
One of the processes should be Postgres, and the Local Address should be open (0.0.0.0) and not restricted to local traffic only (127.0.0.1). If it isn't open, then you'll need to double check your config files and restart the service. You can again confirm that the service is listening on the correct port (default is 5432, but your configuration could be different).
Finally you'll be able to successfully connect from a remote computer using the command:
psql -h [server ip address] -p [port number, optional if 5432] -U [postgres user name] [database name]
Make sure the settings are applied correctly in the config file.
vim /etc/postgresql/x.x/main/postgresql.conf
Try the following to see the logs and find your problem.
tail /var/log/postgresql/postgresql-x.x-main.log
Following configuration, you need to set:
To open the port 5432 edit your /etc/postgresql/9.1/main/postgresql.conf and change
# Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
In /etc/postgresql/10/main/pg_hba.conf
# IPv4 local connections:
host all all 0.0.0.0/0 md5
Now restart your DBMS
sudo service postgresql restart
Now you can connect with
psql -h hostname(IP) -p port -U username -d database
Step 1: edit file potgresql.conf
file location should be : etc/postgresql/10/main/
Look for:
#Connection Settings -
#listen_addresses = '' # what IP address(es) to listen on;
remove # before listening addresses
add '*' :
listen_addresses = '*'
Step 2: edit file pg_hba.conf
file location should be : etc/postgresql/10/main/
add below given line at the end
host all all 0.0.0.0/0 md5
Step 3: restart postgres server
sudo /etc/init.d/postgresql restart
Step 4: check postgres server status
sudo netstat -plunt |grep postgres
Make sure you are using same port to access the DB
Mine was quite straightforward if you are on a Mac try:
brew install postgres
This will tell you if you have it already install and what version or install the latest version for you if not then run
brew upgrade postgresql
This will make sure you have the latest version installed then finally
brew services start postgresql
This will start the service again. I hope this helps someone.
I think you are using the machine-name instead of the ip of the host.
I got the same error when i tried with machine's name. Because, It is allowed only when both the client and host are under same network and they have the same Operating system installed.
In my case, I did not change azure default security policy in management portal. The original is port 22 allowed and the rest are all denied. As long as I add 5432 port, everything becomes good.
The following helped me on macos Mojave:
$sudo mv /usr/local/var/postgres /usr/local/var/postgres.save
$brew uninstall postgres
$brew install postgres
See the port and make a port change in postgresql.conf. My installation of postgres 9.4 uses port 5431 or 5434 instead of 5432.
If it say the port is in use so change the port.
And check if you give password in psql installation so give the password in file and save it.
In my case I had removed a locale and generated another locale. Database failed to open because of fatal errors in the postgresql.conf file, on 'lc_messages', 'lc_monetary', 'lc_numberic', and 'lc_time'.
Restoring the locale sorted it out for me.
Another situation,postgresql.confandpg_hba.conffile not locate at /etc/postgresql/9.1/main/.Because postgres can start at any location you set.
For example when you use command pg_ctl -D /tmp/pgsql/ start ,the postgresql.conf and pg_hba.conf will located at /tmp/pgsql/.
I had the exact same problem, with my configuration files correct. In my case the issue comes from the Eduroam wifi I used : when I connect via another wifi everything works. It seems that Eduroam blocks port 5432, at least in my university.
Try to migrate your database. For instance, if you are using Heroku to host your project and with Django, then try heroku run python manage.py migrate command; the error should go away.
I had a problem like this where I had to ssh into a server and than run a query in psql console so the query was in a script but everytime I got this error psql not found so what I did was just added the psql full path from the bin which we get from cat .bash_profile and its done
PATH=$PATH:/usr/local/pgsql/bin:/usr/local/mysql/bin
So I added the whole /usr/local/mysql/bin/psql intead of just psql for remote execution.
and another one here:
both host and remote are on real servers
you need '*' exactly.
'localhost , xxx.xxx.xxx.xxx' will not work. all these answers(i've seen two) should be wiped out.
what you don't need : host all all 0.0.0.0/0 md5 and this stuff
For me, I just removed the existing PostgreSQL 14 Server which was on the left-hand side of the pgAdmin4 GUI interface under the servers and then I manually added a new server from the option which is inside Quick Links of pgAdmin4.
I followed the documentation of bitnami.com.
I had a problem with access to external server via 5432.
I noticed that any network but mine saw the service
nmap server -p 5432
Fortunatelly, I recalled that I was playing with exposing my internal postgres server to outside world using my mikrotik router.
Somehow it effectively closed external 5432 for internal network.
As soon as I removed all nat rules with 5432 port - it worked like a charm.

Postgres connect over ssh

I have PostgreSQL server running on some host pgserver. This server is not opened to the outside world (only connections from localhost are allowed). I can login to that host as user via ssh (with public key):
me#local:~ $ ssh user#pgserver
Then I can su to specific user pguser to run queries.
user#pgserver:~ $ sudo su pguser
pguser#pgserver:~ $ psql
I need to enter user's sudo-password here. I can't connect as pguser and don't know his password. I also don't have access to the database as user.
Now to simplify development I would like to setup ssh-tunnel from my local machine to the pgserver:
me#local:~ $ ssh -L localhost:5432:localhost:5432 user#pgserver
The problem is that while user has access to the server, he doesn't have access to database. pguser has it, but doesn't have access to the server. What is frustrating is that I can actually sudo to pguser's account and run queries after I've connected as user.
Can I solve this in some way?
Try
ssh -t -l user pgserver sudo -u pguser psql
The -t forces ssh to allocate a pty on the other end so there's
a terminal for password input and such.

Unable to Bootstrap node using Chef

I've set up a basic Chef infrastructure that contains a workstation, a hosted Chef Server and an Ubuntu Server to serve as a node. I'm using this setup at my workplace and therefore a proxy is required for internet connections. I've made the necessary proxy settings in both knife.rb and the Ubuntu Server. Both the workstation and the node are properly connected to the internet.
Here's the problem - When I try to bootstrap this node using knife, I get the following error:
<My Node's IP> --2014-02-12 10:29:05-- https://www.opscode.com/chef/install.sh
<My Node's IP> Resolving www.opscode.com (www.opscode.com)... 184.106.28.91
<My Node's IP> Connecting to www.opscode.com (www.opscode.com)|184.106.28.91|:443... failed: Connection refused.
<My Node's IP> bash: line 83: chef-client: command not found
Please note that I used the following command to bootstrap the node -
knife bootstrap <My Node's IP> --sudo -x <username> -P <password> -N <name>
Can you please help me with this?
Thanks in advance.
After struggling on this for a long time I have finally found the answer.
In knife.rb another entry for bootstrap-proxy has to made as well.
knife[:bootstrap_proxy] = "http://username:password#proxy:port"
After doing this, run the following bootstrap command -
knife bootstrap <My Node's IP> --sudo -x <username> -P <password> -N <name>
This worked for me!
I have encountered the same problem. You just need to type the same thing with some extra commands:
knife bootstrap <My Node's IP> --sudo -x <username> -P <password> -N <name> --bootstrap-wget-options --no-check-certificate
It will work always.
In my case, I didn't added the server in client's hosts file entry. for example,
I got this error "Connection refused - Connection refused connecting to https://server.com/organizations/sample/nodes/node1"
I simple made an entry in "/etc/hosts" file with my server's IP and name i.e "server.com" and it worked for me.
vi /etc/hosts
192.168.159.100 server.com