PostgreSQL via SSH Tunnel

postgresql ssh tunnel razorsql
kozooh picture kozooh · May 30, 2013 · Viewed 69.9k times · Source

I'd like to use RazorSQL to connect to my database which is running on a remote server. I create a SSH tunnel on my localhost with the following command:

ssh -L 1111:remote.server.com:5432 [email protected]

I configure my connection via RazorSQL's GUI, specifying localhost as the host and 1111 as the port. When I click on "Connect", the following error message appears:

ERROR: An error occurred while trying to make a connection to
the database: 

JDBC URL: jdbc:postgresql://localhost:1111/myuser

FATAL:
no pg_hba.conf entry for host "aaa.bbb.ccc.ddd",
user "myuser", database "mydatabase", SSL off

where aaa.bbb.ccc.ddd is a remote server's IP address.

What is more, I am not allowed to change the contents of my pg_hba.conf file. That's how it look like at the moment:

# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

@remove-line-for-nolocal@# "local" is for Unix domain socket connections only
@remove-line-for-nolocal@local   all         all                               @authmethod@
# IPv4 local connections:
host    all         all         127.0.0.1/32          @authmethod@
# IPv6 local connections:
host    all         all         ::1/128               @authmethod@

Is it possible to connect to the database server via SSH tunnel using my current setup and without modifying the server's configuration?

Answer

jeff picture jeff · May 30, 2013

Your pg_hba.conf appears to permit connections from localhost. The easiest way of causing your SSH tunnel connections to appear from localhost is to make them to localhost.

The following SSH command connects to remote.example.com as user "user", and causes your ssh client to listen on localhost, port 1111/tcp. Any connections made to that port will be forwarded over the ssh tunnel, and on the ssh server side the connections will be made to localhost, port 5432/tcp. Since we're connecting to localhost, the connections will appear to be from localhost also, and should match your existing pg_hba.conf line.

ssh -L 1111:localhost:5432 [email protected]

If this is expected to be a long-running tunnel, I would recommend using autossh

To connect using the psql client on the host where you are running the ssh client, use something like this:

psql -h localhost -p 1111 -U your-db-username database-name

You should then be prompted for your database user's password.

Alternately, you can add a line line the following to a file called .pgpass in your home directory on the client where you're running psql:

localhost:1111:database-name:your-db-user:your-db-password

Related questions

Can't connect to Postgresql on port 5432

I have PostgreSQL 9.3 installed on a server running Ubuntu Server 14.04. If I ssh into the server via terminal, I'm able to connect with psql. But when I try to configure pgAdmin III to do the remote connection, I get: Server …

Read More
pg_dump postgres database from remote server when port 5432 is blocked

I'm trying to pg_dump a SQL database on a remote server in our DMZ. There are 2 problems. 1) there is n't a lot of space left on the remote server so the normal command run to locally backup the database …

Read More
Connecting to PostgreSQL database through SSH tunneling in Python

I am trying to connect to a server remotely and then access it's local database with Python. I am successfully connecting to the server, although I can't seem to connect to the database on the server. My code is below: …

Read More