Talend tSshTunnel Usage

Question

I am trying to connect to a remote server using ssh tunnel connection where I have to use port forwarding from a local server to the remote server. I then need to be able to connect to a mysql database on the remote server.

I am using the tSshTunnel component which is working fine in others system but throwing error in my system and remote connection as "javax.crypto.ShortBufferException: Cannot store MAC in output buffer".

I searched a lot but could not find the solution anywhere.

Any help would be greatly appreciated. Thanks in advance.

Answer 1

If the connection has passphrase in the public/private key, you can modify the file "tSshTunnel_begin.javajet" and insert the passphrase in the password field:

Answer 2

After a couple of days testing and researching I have reached a conclusion - in order to help others in the same situation a complete guide follows below to present an example on how to connect to an Amazon RDS server through an SSH tunnel over the application (EC2) server, which is what Elastic Beanstalk does.

Manually connecting to the server with the Windows command prompt:

This is based on what I found in this article about SSH connections on the terminal. The ssh command is not only able to connect to a target server but also to connect to a second server through the first one. This is how it works:

ssh -L 3307:databaseServer.rds.amazonaws.com:3306 -i myPemFile.pem ec2-user@ec2-myApplicationServer.us-west-2.compute.amazonaws.com

What this command is doing is : 'ssh connect to my application server through port 22 (default) and bind every request to databaseServer:3306 to my local machine's localhost:3307 port'

Leave this command window as it is, open up a new one and write:

mysql -u "databaseUserName" -P 3307 -p"databasePassword"

With that the mysql prompt is shown. You are now sending MySQL commands to the database server through a SSH connection to the application server. Local (your own machine) port 3307 is now bound to the database server using the application server as a proxy.

Installing tSshTunnel in Talend Open Studio for Data Integration

The plugin found in Talend's marketplace (I am using Talend TOS 7.1.1) did not show up in the Palette menu so I extracted the tSshTunnel.zip file to the folder ~\TOS_DI-20181026_1147-V7.1.1\plugins\org.talend.designer.components.localprovider_7.1.1.20181026_1147\components\tSshTunnel Go back to Talend Studio, press CTRL SHIFT F3 to reload the components or restart TOS.

Bug in tSshTunnel and how to circumvent it

To the specific question : Amazon RDS database links are normally very long (e.g. ktofbf83428349cntdfg.clus33245kfur.us-west-2.rds.amazonaws.com) and the reason for the 'Cannot Store MAC' message is apparently this huge input size. The plugin however accepts the equivalent ec2-xx.xx.xx.xx.us-west-1.compute.amazonaws.com URLs. This URL can be traced with a tool like ipinfo . Just input your database link over there and you will get the correspondent ec2-style link (which solves the user's issue).

General Instructions on tSshTunnel usage for an Amazon RDS use case

In order for the answer to be as broad as possible I would like to add some configuration details:

• The components used in the question are correct
• Configuration for tSshComponent:
  • Hostname: should be the application server "ec2-xx.xx.xx.xx.us-west-2.compute.amazonaws.com"
  • Port: "22" , between quotes
  • Username : "ec2-user"
  • Password : ""
  • KeyFile : "C:/folder/pemFile.pem" (note we need to use the '/' backslash)
  • L Tunnel String: goes in the format 'Port on your machine bound to database server':'database server':'Port on database Server' . E.g. "3307:ec2-yy.yy.yy.yy-....:3306"
• Configuration for tDBConnection component:
  • Host: "localhost"
  • Port: "3307"
  • Username: "database username"
  • Password: "user password"