Reputation: 1183
Connect to database through two ssh tunnels in IntelliJ IDEA
I'm trying to add a postgresql database as a datasource in IntelliJ IDEA Ultimate.
I've worked with a datasource through ONE ssh tunnel already. But now the database server is behind a firewall which only accepts ssh connections from a management server. The only way to access the db server goes over the management server.
So I (or IntelliJ) have to connect via ssh to this server and then, by using another user, tunnel via ssh to the database server.
Everything clear? :-D
The problem is, that IntelliJ offers only to configure one ssh tunnel. But after the first tunnel I need to use a second one, to finally connect to the database server... Any Ideas?
Thx in advance.
Upvotes: 3
Views: 3711
Answers (2)
Reputation: 15734
ssh supports your scenario out of the box. The trick is to create two entries in your ~/.ssh/config file for the management server, one for your-user and one for special-user. Then use ProxyJump to chain your connections together.
So, start by setting up a Host section for the management server and the user your are connecting to from your local machine:
Host mgmt
HostName management.server.com
User your-user
...
Then, set up a Host for the user on the management server that you will be logging in as:
Host mgmt-special-user
HostName management.server.com
User special-user
To this same host, add a directive to tell ssh to create a tunnel to your DB:
LocalForward <free-port-on-your-box> <db-ip-or-host>:<db-port>
Then tell ssh that this host can be reached from the first host:
ProxyJump mgmt
You can now ssh mgmt-special-user from your local machine. ssh will automatically jump through the mgmt host, and will also automatically extend the tunnel through mgmt and back to your local machine.
ProxyJump (-J) was added in OpenSSH 7.3 (released in 2016).
Upvotes: 2
Reputation: 402085
I'd create a local port forward using OpenSSH or any similar tool which will forward 127.0.0.1:2222 to firewall:22 via the Management Server, then use IntelliJ IDEA tunnel configuration to 127.0.0.1:2222 like you would do with the single tunnel.
ssh -L 127.0.0.1:2222:firewall:22 <management server>
You can configure an External Tool to automate this process. On Windows machine I had great experience with Bitvise SSH Client for creating tunnels/port forwards and starting them automatically.
Upvotes: 1
Related Questions
- IntelliJ and Jpa Buddy - SSH tunnel DB connection
- How to SSH tunnel and connect to a database using IntelliJ and JDBC?
- How to connect IntelliJ IDEA 2017.1.2 to Postgresql
- How can I connect to Oracle Database 11g server through ssh tunnel chain (double tunnel, server in company network)?
- How to connent to Oracle database with SSH in IntelliJ IDEA
- Intellij IDEA ssh tunnel to datasource
- SSH tunnel in Intellij Idea Run/Debug config and in Gradle tasks
- SSH tunnel doesn't work in DataGrip
- Pentaho JNDI ssh tunneling Data Integration MySQL
- Phpstorm. Can't access to mysql server through SSH tunnel (connection is closed by foreign host)