Create an SSH Tunnel Session
All of the screenshots that follow are from PuTTY 0.62.
Create an SSH tunnel session if the intent is to access an EAS database from pgAdmin (or another database client product) running on your Windows machine. The SSH tunnel session in this example will be for the SF DEV DB VM (San Francisco data center, DEVelopment environment, eas DataBase server, Virtual Machine). In the screenshots that follow, sensitive information has been redacted, and the screenshots themselves illustrate the key values that should be entered in the PuTTY Configuration dialogs.
IP Addresses
The appropriate IP addresses will be provided by an EAS administrator for any server connections that need to be created.
For Developers and Database Administrators
Both developers and database administrators will want to create SSH tunnel sessions.
Port Forwarding
It is possible that connections to more than one database may need to be active simultaneously, so these SSH tunnel sessions will take advantage of a concept called port forwarding. For example, a developer may be running pgAdmin from her Windows machine and wants to be connected to the development database (SF DEV DB) and the QA database (SF QA DB) at the same time. But both databases will be listening for requests on the same port (for example 5432 is the default port number for PostgreSQL) so the developer needs a way to send database requests from their Windows machine so that they go to the correct database. Port forwarding will let the developer specify that requests to the development database shall go out on local port number 5433 (for example) but get forwarded to port number 5432 on the development database machine. Similarly, requests to the QA database could go out on local port number 5434 but get forwarded to port number 5432 on the QA database machine. It may be helpful to read the first few paragraphs of Section 3.5 Using port forwarding in SSH before attempting to create an SSH tunnel session.
1 Run PuTTY.
2 Under the Session category, enter the IP address of the target VM in the Host Name (or IP address) field, and specify port number 2241 (or port number 22 for the newer EASX machines) in the Port field. Also confirm that the connection type is "SSH".
3 Under the Auth category and in the Private key file for authentication: field, browse to the private key file (jd_eas_private_key.ppk
) that was saved in an earlier step.
4 The following source port numbers should be used to prevent collisions among them on the Windows machine. The source port number for this example (5433) is highlighted in bold font in the table below.
Environment | |||
---|---|---|---|
DEV | QA | PROD | |
San Francisco Data Center (legacy) | 5433 | 5434 | 5435 |
San Francisco Data Center (EASX) | 5439 | 5440 | 5441 |
Disaster Recovery Data Center (legacy) | (5436) | (5437) | 5438 |
Disaster Recovery Data Center (EASX) | 5442 | (5443) | 5444 |
5 Under the Tunnels category, and in the Source port field, enter the desired source port number ("5433" in this example), and then in the Destination field, enter the desired destination port, "localhost:5432". (The value for the destination port is the same for all of the database VMs because all of the databases are listening on port number 5432.) Also confirm that the Local and Auto radio buttons are selected. Press the Add button to add this forwarded port to the SSH tunnel session.
6 The forwarded port was added to the SSH tunnel session.
7 The following tunnel session names should be used to maintain consistency with standard EAS nomenclature. The tunnel session name for this example (eas-sf-dev-db-tunnel) is highlighted in bold font in the table below.
Environment | |||
---|---|---|---|
DEV | QA | PROD | |
San Francisco Data Center (legacy) | eas-sf-dev-db-tunnel | eas-sf-qa-db-tunnel | eas-sf-prod-db-tunnel |
San Francisco Data Center (EASX) | eas-sf-dev-dbx-tunnel | eas-sf-qa-dbx-tunnel | eas-sf-prod-dbx-tunnel |
Disaster Recovery Data Center (legacy) | (eas-dr-dev-db-tunnel) | (eas-dr-qa-db-tunnel) | eas-dr-prod-db-tunnel |
Disaster Recovery Data Center (EASX) | eas-dr-dev-dbx-tunnel | (eas-dr-qa-dbx-tunnel) | eas-dr-prod-dbx-tunnel |
8 Return to the Session category to save this tunnel session. Enter the tunnel session name in the Saved Sessions field, and press the Save button.
9 Before the saved tunnel session can be tested, an EAS administrator must place your public key on the target VM. This should already have been done in an earlier step.
10 To test the saved tunnel session, select the saved tunnel session from the Saved Sessions list, press the Load button, and then press the Open button.
11 You will be prompted to log in to the target VM. Use the username that was given to you by the EAS administrator, and when prompted a second time, enter the passphrase that was used to create your private key in an earlier step.
12 Congratulations, you should now have an open tunnel from the Windows machine to the target VM!
13 Please refer to the Database page Create a pgAdmin Server Connection to learn how to use the open tunnel to connect to an EAS database.