Eric Marsden wrote:
> Can anyone point me to some documentation describing how to set up ssh
> to tunnell TCP/IP connections to a backend? My searches have found several
> people saying it is possible, but no step-by-step explanation I could
> point people to.
Eric,
It's the documentation for SSH that you are looking for. Please refer to
http://www.heimhardt.de/htdocs/ssh.html for better insight.
A step-by-step explanation can be done in just two steps:
1. Establish a tunnel to the backend machine, like this:
ssh -L 3333:wit.mcs.anl.gov:5432 postgres@wit.mcs.anl.gov
The first number in the -L argument, 3333, is the port number of your end of the tunnel. The second number, 5432, is
theremote end of the tunnel -- the port number your backend is using. The name or the address in between the port
numbersbelongs to the server machine, as does the last argument to ssh that also includes the optional user name.
Withoutthe user name, ssh will try the name you are currently logged on as on the client machine. You can use any
username the server machine will accept, not necessarily those related to postgres.
2. Now that you have a running ssh session, you can connect a postgres client to your local host at the port number
you specified in step 1. If it's psql, you will need another shell because the shell session you used in step 1 is now
occupied with ssh.
psql -h localhost -p 3333 -d mpw
Note that you have to specify the -h argument to cause your client to
use the TCP socket instead of the Unix socket. You can omit the port
argument if you chose 5432 as your end of the tunnel.
--Gene