Issue
Can DBeaver create two SSH tunnels and then connect to a database?
I have successfully created one SSH tunnel but not two.
I am trying to connect to an AWS RDS database via Bastion host. Bastion host only allows SSH access from my corporate IP range. This means that when I am in the office I can connect to the RDS from DBeaver just fine:
- My computer is in the allowed IP range
- DBeaver creates an SSH tunnel to a Bastion host in my VPC inside the AWS cloud
- DBeaver connects to the RDS database
The issue arises when I work from home. I would have to add "zero" step to have an allowed IP address for the Bastion host connection: 0) Connect to the machine inside the office
I have not yet managed to achieve this. Has anyone got an idea of how to do this?
Solution
Kudos to @erik258 for pointing me in the right direction.
I have created an SSH tunnel between an office machine and the Bastion host. When in the office machine, when I access http://localhost:<local_port> I am in effect communicating with the <RDS_endpoint> on port <remote_port>.
Steps:
- Create an SSH tunnel from the office machine to the Bastion host. Source
$ ssh -L <local_port>:<RDS_endpoint>:<remote_port> -i <path_to_ssh_key> ec2-user@<Bastion_host public IP>
<local_port> - random port
<remote_port> - port RDS endpoint listens to (5432 for PostgreSQL)
<RDS_endpoint> - endpoint specified on the AWS RDS page
- Create DBeaver connection. In the "SSH" section specify your office machine. In "Main" section, set "Host" as
localhost, and "Port" as<local_port>.
Answered By - sereneSentry Answer Checked By - Timothy Miller (WPSolving Admin)
