How to connect a database through SSH tunneling?
Accessing a Database Behind the Firewall – SSH Tunneling
- Follow the steps below to connect Bold Reports to your database behind a firewall by setting up an SSH tunnel.
- This article uses an OpenSSH server and the PuTTY client on a Windows machine to help you set up an SSH tunnel. For a list of SSH clients you can use to establish SSH tunneling, visit SSH Client List.
- Password authentication is used here for a simplified approach. To set up ‘Public Key’ authentication, refer to Public Key Authentication Guide.
Configure SSH server
-
Download OpenSSH from GitHub.
-
Unzip the files to a directory on your machine. For instance, ‘C:\OpenSSH’.
-
Run the following command in Command Prompt or PowerShell with elevated permissions:
powershell.exe -ExecutionPolicy Bypass -File install-sshd.ps1 -
After successful installation, the Command Prompt will display logs as shown below.
-
Now, open services.msc using the Run dialog and start the OpenSSH SSH Server and OpenSSH Authentication Agent services as shown below.
-
Ensure the services are running. By default, the SSH server will be listening on port 22. Open resmon(Resource Monitor) using the Run command to check for listening ports.
Note: If you see the Firewall Status as Not Allowed or Restricted, you need to add a Firewall rule to allow connections through this port.
Configure SSH client
-
Download and install PuTTY.
-
In the Session category, fill in the Host Name and Port. The host name should be an IP or DNS name of the machine where the SSH server is configured.
-
Navigate to Tunnels under the SSH category and set up remote port forwarding.
-
The Source port is the port forwarded to the server for tunneling. Ensure that this port is allowed through the firewall.
-
If the database (DB) is on the same machine where the SSH server is located and is bound to localhost, set up remote forwarding with localhost. Otherwise, provide the host address where the DB is located.
-
Save the session if required. Click Open. This will open a connection to the server machine. Enter the credentials to establish a connection.
Connecting to an SSH-Enabled Database in Bold Reports
Follow the steps below to connect with Bold Reports:
-
Open the Bold Reports application.
-
Click the data source on the left panel of the Bold Reports application, as shown below.
-
Click Create Data Source in the top right corner, as shown below:
-
Select MSSQL connection in the connection panel to proceed with the connection.
-
Enter the required credentials as instructed below:
-
SSH Server Name: Input the host/IP of the machine where the SSH client is configured.
-
SSH Port: Enter the forwarded port used above in PuTTY. (default is 22, but it might be different).
-
SSH Username: Your authorized username for SSH access.
-
SSH Password: Your secure password for the SSH username (keep confidential).