This section describes how to enable SSH tunneling between the and your cloud-based database infrastructure. When this feature is enabled and properly configured, users connect to your databases through a more secure manner.

Security concerns:

Limitations

Prerequisites

Configure

You can enable the SSH tunneling check box and configure the advanced options. 

NOTE: SSH tunneling is enabled on a per-connection basis. If enabled for a connection type, the SSH options appear under the Advanced options in the connection window.

These properties are available when you create the connection. After you have specified the connection including SSH tunneling options, you should test the connection. 

For more information, see Create Connection Window.

Basic Properties

PropertyDescription
SSH tunneling host

If you are using SSH tunneling, please specify the SSH host for tunneling into your infrastructure.

Advanced Credential TypeDepending on the type, you must specify the properties for the credentials to use to connection. See sections below.

SSH Tunneling Basic

PropertyDescription
SSH Tunneling User Name

(optional) Username with which to authenticate to the SSH tunnel.

In some environments, a username may be optional.

SSH Tunneling PasswordPassword for the username

SSH Tunneling with Key

NOTE: Use of an SSH key that requires a passphrase is not supported.

PropertyDescription
SSH Tunneling User Name

(optional) Username with which to authenticate to the SSH tunnel.

In some environments, a username may be optional.

SSH Tunneling SSH Key

Key used to access the SSH tunnel.

NOTE: This key must be generated in legacy OpenSSH format. See below.

Generate SSH key

Please use the following command to generate an SSH key from the node where the database server node:

ssh-keygen -t rsa -m PEM

Use

When you have configured SSH tunneling properly, all users of the connection use the SSH configuration to access the targeted database.

Sharing

When a connection is shared with credentials, the SSH authentication credentials are also shared. For more information, see Share a Connection.