If not, you would have to set up a tunnel. You might be able to pass that connection into db library. The last line above is not exactly tunneling, but a TCP connection open to DB server. Below is not a tested sample without error checking:

    // Read the SSH private key from disk.
    var buffer []byte
    buffer, err := ioutil.ReadFile(sshKeyFile)
    // Open the SSH connection to the jump host.
    conn, err := ssh.Dial("tcp", endpoint, sshConfig)
    // Open a TCP connection to the DB server through the SSH connection.
    dbConn, err := conn.Dial("tcp", dbEndpoint)

There are tutorials out there how to use Go ssh tunneling. If external client works, then you can attempt to put it all into Go language code without external SSH client. You can accomplish #1 and #2 with ssh client like OpenSSH or PuTTY. establish tunnel from local port to remote db port. I have not tested postgre this way, but I have had this model used in some proprietary server connections. So, this answer is about SSH tunneling to DB machine. I don't know if a native postgre ssh tunneling support exists. It is my understanding that you need to open connection to postgre database.

CLI that returns a pointer to a sql.DB connection.

    db, err := sql.Open("postgres", getDbInfo())
    checkErr(err, "Unable to connect to the DB")
    dbInfo += fmt.Sprintf("dbname=%s ", dbName)
    dbInfo += fmt.Sprintf("dbname=%s ", "development")
    dbInfo += fmt.Sprintf("dbuser=%s ", "user")
    dbInfo += fmt.Sprintf("dbpass=%s ", dbPass)
    dbInfo += fmt.Sprintf("sslmode=%s", sslMode)

ConnectDb is a short cut function that takes parameters through pem key, and I'm not quite sure how to do this w/o forcing a connection unsecured

    package main

I can connect locally no problem, but I cannot connect to the remote easily.

Then, SSH creates a separate tunnel inside the existing SSH session that redirects incoming traffic in the remote port to localhost. When remote port forwarding is used, at first, the client connects to the server with SSH.
If you're running your own database server, most likely you have a strict firewall rule in place that only allows connections from known IP addresses, and there is a good chance that the only publicly exposed port on your machine(s) is 22/ssh. The tunnelDriver is a sshdb.Driver for a specific database type. SSH port forwarding is a common practice to make connections to services that could not be exposed directly to the public internet. The tunnel can host multiple db connections to different database servers. I'm not sure how to accomplish this task. Also often called SSH reverse tunneling, remote port forwarding redirects the remote server's port to the localhost's port. New returns a Tunnel based upon the ssh clientConfig for creating new connectors/connections via an ssh client connection.

See also the last Fossies "Diffs" side-by-side code changes report for "transport.go": 13.0.0_vs_13.0.1.

    /*
    Copyright 2019 Gravitational, Inc.

    Licensed under the Apache License, Version 2.0 (the "License")
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at

    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
    */

    package reversetunnel

    import (
        "context"
        "crypto/tls"
        "crypto/x509"
        "encoding/json"
        "fmt"
        "io"
        "net"
        "net/netip"
        "time"

        "/gravitational/trace"
        "/sirupsen/logrus"
        "/x/crypto/ssh"

        "/gravitational/teleport"
        "/gravitational/teleport/api/client"
        apidefaults "/gravitational/teleport/api/defaults"
        "/gravitational/teleport/api/types"
        "/gravitational/teleport/api/utils/sshutils"
        "/gravitational/teleport/lib/auth"
        "/gravitational/teleport/lib/events"
        "/gravitational/teleport/lib/multiplexer"
        alpncommon "/gravitational/teleport/lib/srv/alpnproxy/common"
        "/gravitational/teleport/lib/utils"
        "/gravitational/teleport/lib/utils/proxy"
    )

    // NewTunnelAuthDialer creates a new instance of TunnelAuthDialer
    func NewTunnelAuthDialer (config TunnelAuthDialerConfig ) (*TunnelAuthDialer, error )
    if err := req.