SSH tunneling is used to access servers on private networks (those not publicly accessible to the internet). Internal allows you to SSH tunnel into the following data sources: PostgreSQL, MySQL, Microsoft SQL Server, and MongoDB.
In the Add Data Source screen, select your database, add in your connection details and check the “SSH tunneling” checkbox. A new section will appear for you to provide your bastion user, host, and port. At the bottom, you’ll also find your SSH public key for Internal.
First, create a user account for Internal. Below is a sample script for Ubuntu.
ec2-user@bastion:~$ sudo adduser internalio --disabled-password Adding user `internalio' ... Adding new group `internalio' (1003) ... Adding new user `internalio' (1003) with group `internalio' ... Creating home directory `/home/internalio' ... Copying files from `/etc/skel' ... Changing the user information for internalio Enter the new value, or press ENTER for the default Full Name : Room Number : Work Phone : Home Phone : Other : Is the information correct? [Y/n] y ---
Next, edit the contents at the file /home/internalio/.ssh/authorized_keys to also include your SSH public key in a newline. Your SSH public key can be found below the bastion host and port input fields in your Internal account.
# Login as root sudo su # Create the authorized_keys file if it does not exist yet mkdir -p /home/internalio/.ssh touch /home/internalio/.ssh/authorized_keys # Use your favorite editor to add Internal's public key to the file vim /home/internalio/.ssh/authorized_keys # Set permissions on the authorized_keys file chmod 664 /home/internalio/.ssh/authorized_keys ---
The examples above uses internalio as the username but you can set any username.
See docs on AWS Configuration for detailed steps.
Updated 8 months ago