DataGrip and SSH Tunnels

Answered

Still struggling to configure DataGrip with SSH Tunnels, which is a big blocker for me to use it more - I keep going back to dbvisualizer (which is fine, really -- but since I have DataGrip too, i'd like to compare them a bit more).

Currently, I have trouble even finding all the bits. On the general tab, is the host the host you'll connect to after establishing the tunnel (e.g. the hostname the proxy / bastion / jump host should use?) or is it the host DataGrip will use, which is presumably localhost? Is the port the final port (on the db server) or the port you want DataGrip to use locally?  

If I'm going to connect to a database on internal.example.com:2345 after tunnelling to bastion.example.com:22 and both 2345 and 22 are occupied locally, where do I put all that information? Maybe once I understand that, it'll be easier to make the connection.

I also find that DataGrip doesn't log much about its attempted connections. When I attempt a connection and it fails, nothing at all gets into idea.log from what I can see.

17 comments
Comment actions Permalink

Here's an illustration of my example.

And on DataGrip, I have:

- General > Host == localhost? internal.example.com?

- General > Database == 5555? 2345?

- SSH > Proxy host == bastion.example.com?

- SSH > Port == 22?

- And where does the local or remote information go (depending on what I put in General)

1
Comment actions Permalink

And, yeah, if I tail -F idea.log and then test connection -- nothing gets logged. If it did, I might be able to figure out what parameters mean what.

1
Comment actions Permalink

Hi,

In "General" tab you need to specify your database connection settings. In "SSH/SSL" tab you need to specify your tunnel options. For more details press F1 to get internal DataGrip help.

Thank you.

0
Comment actions Permalink

That helps a little, as did a little status information beside the test connection -- which I didn't or couldn't see before?  On the general tab, I gather I should put in the values for the "database server -- the values that the bastion server would use to connect". You don't/can't specify local port, but that wasn't the problem anyway. Anyway, I am finally able to connect to the server, which is what I care about most. Thanks!

0
Comment actions Permalink

Hi,

>You don't/can't specify local port, but that wasn't the problem anyway.

DG uses random local port.

 

>nothing gets logged

We're working on it.

 

Thank you.

0
Comment actions Permalink

When using SSH tunneling, why doesn't DataGrip prompt me for the SSH key passphrase when I attempt to connect? SSH tunneling only works if I enter the passphrase under "Data Sources" and check the "Remember" box. But I don't want DataGrip to remember my SSH passphrase—I'd prefer to enter it when I want to connect.

1
Comment actions Permalink

Hi,

We've got some issues about two-factor authentication and passphrase prompt.

Here is the short list:

Thank you.

0
Comment actions Permalink

@Geoffrey Wiseman Hi,
Pay attention for enhanced ssh functionality in DataGrip http://blog.jetbrains.com/datagrip/2017/12/06/datagrip-2017-3/#connectivity

Thank you.

0
Comment actions Permalink

This is an issue.  I need to find the forwarding port.  In other db tools you can see or specify the port.  Between this and the timezone issue - it close to a deal breaker.

0
Comment actions Permalink

You can specify all settings in ssh config and load it from within DataGrip.

0
Comment actions Permalink

@vasily is this from windows?  I can't find a ssh config file.

0
Comment actions Permalink

I see the documentation.  Seems like you need to use Putty and this is a hack and if I need that why fart around with datagrip SSH at that point.  I am not a sys-admin person and I get that the way you implemented it probably more flexible but its not user friendly for analysts.  Every product that I've used that has had this capability you could just specify the forwarding port as a parameter in the product and use that.  Maybe datagrip just isn't a good solution for a large company with data people who aren't systems people.  There are enough bad ticks such as date/time management issues and json linting that just don't work on datagrip for windows.

0
Comment actions Permalink

@Derek Anderson 
What do you mean by forwarding port? Do you use multihop ssh connection?
Is this what you need?


Could you describe in detail "ad ticks such as date/time management issues" and " json linting that just don't work on datagrip for windows"?

P.S.: You can email me directly to Vasily.Chernov@jetbrains.com and I'll to solve your issues.

0
Comment actions Permalink

Yes I can also not see an option du use my ~/.ssh/config right here

WORKAROUND:

(SSH-Tunnel -> local connection in DataGrip)

1.) Create a Config in your ~/.ssh/config for the Host (here you can use the ProxyCommand - to go through another host https://www.cyberciti.biz/faq/linux-unix-ssh-proxycommand-passing-through-one-host-gateway-server/ ).

2.) Establish a tunnel Connection exposing the remote MySQL-Port on your local machine:

ssh -L 13307:localhost:3306 remote.target.com

Now you can use DataGrip to connect on localhost Port 13307 using the remote credentials - not a solution which feels like JetBrains in 2019 - but works.

0
Comment actions Permalink

@Vasily  

Do we have a way to specify a local port for using the tunnel so we can piggyback on it with other services?  We still have to currently run putty in addition to DG so I can use postgresql ODBC with excel.  If we were using Razor or most other tools we can specify a port and reuse it for this purpose.  Frustrating.

 

 

 

0
Comment actions Permalink

@DAnderson,

Yes, we do:

0

Please sign in to leave a comment.