SSH Tunneling
Many companies build separate private networks for security and configure sensitive services like databases to be accessible only within the private network. Therefore, they often set up connections through a bastion host to access databases within the private network. Hops can also connect to databases through bastion hosts using SSH tunneling.
Preparation
Hops uses fixed IP addresses when accessing your database.
If you manage a list of IPs that can access your database through a firewall, please add the following IPs to your allowlist:
34.47.79.49, 34.47.86.94
There are a few things that need to be prepared for the Hops server to connect to the bastion host.
Add a user so that the Hops server can connect to the bastion host. Add the querydelivery user.
$ sudo adduser querydelivery --disabled-password
Then you need to add Hops' public key to the bastion host for SSH access.
Add the public key to /home/querydelivery/.ssh/authorized_keys:
$ mkdir -p /home/querydelivery/.ssh/
$ curl -L -o /home/querydelivery/.ssh/authorized_keys https://github.com/hopsoffice/publickey/releases/download/1.0/id_rsa.pub
$ chmod 644 /home/querydelivery/.ssh/authorized_keys
$ chown querydelivery:querydelivery /home/querydelivery/.ssh/authorized_keys
Having trouble setting up SSH tunneling?
Contact us by email (contact@hopsoffice.com) and
we'll help you through remote support.
Configuration
Click the add data source button as explained in Adding Data Sources. After entering the required connection information for the data source, enter the bastion host address in the SSH tunneling host field where you completed the preparation.
Having trouble connecting your data source due to SSH tunneling setup issues?
Contact us by email (contact@hopsoffice.com) and
we'll help you through remote support.