SSH Support for connecting to remotes

[ghost]

[felipelalli]

SSH protocol support is a must have feature!

[bpf120]

Hi @felipelalli, thanks for commenting! Are you using Dolt now? Feel free to swing by our Discord or shoot me an email. We love learning about use cases.

[PHumagain-Simi]

Is there any latest news on ssh support to connect to remote?

[timsehn]

We have not prioritized it. What do you need it for?

[cbf305]

I'm looking for this feature too.

@timsehn to answer your question, I feel it is a needed option for those that don't want the overhead of running Doltlab, can't use Dolthub or other hosting provider due to company policy and have a mix of on-site and remote workers. Without SSH remote support the only option for file based remotes is SMB. That works fine for on-site workers, but not remote workers. SSH just ticks all the boxes for everyone, IMO.

• Is already encrypted so it doesn't need a VPN
• Would work the same on-site and off
• Supports MFA and/or key based auth
• It's simple, lightweight and fast
• It's already part of the work flow of many developers and remote workers

To be honest, SSH remotes are a core part of git so I was surprised to find they are not already part of Dolt since it was modeled after git.

I hope this helps in bumping this up the priority list.

Thanks!

[reltuk]

@cbf305 This is a totally legitimate request. I agree it would be nice to deploy this way in certain environments, particularly in environments where SSH access is already a solved problem.

We haven't built it yet simply because most of our customers make good progress with HTTPS and cloud native remotes.

There are some further alternatives that may work for you:

• dolt sql-server is able to publish a remotesapi port that accepts reads and writes. It uses an authentication and authorization model based on SQL users and grants. It supports TLS.
• go/utils/remotesrv is a standalone program in the Dolt github repository that can run a remotesapi server accepting reads and writes and keeping state on the local disk. It currently does not support authentication, authorization, or TLS, so it's not applicable in all contexts.
• Cloud native remotes, like aws:// and gs://, are multi-user and concurrency safe. They rely on cloud native permissions for the underlying resources for AuthZ.

It's possible that some SSH foo with port forwarding and something like go/utils/remotesrv running on the remote host could come together to orchestrate "SSH-access-to-an-HTTP-remote" outside of dolt itself.

All of that being said, we totally hear you on the :+1: for the priority bump on supporting native SSH remotes. They make perfect sense in a lot of contexts. We will keep the request in mind when prioritizing feature work in the future :).

Thanks for your interest in Dolt and please don't hesitate to reach out with any questions or suggestions!

[cbf305]

Awesome, thanks for the reply and for the suggestions. I saw the API info in the docs, but I didn't look into the remotesrv utility. Being the quintessential lazy sysadmin, I opted for the 20 second, 4 liner bash script that mounts a folder over SSH with sshfs, performs a push/pull task as passed to the script and then unmounts the folder. We just started evaluating Dolt for our env. so I didn't want to invest too much time yet. Hopefully my laziness pays off and SSH support is implemented before I need it ;-p

Thanks!

[bpf120]

@cbf305 We'd love to learn more about your use case and help out where we can. Feel free to email me or join our Discord. Please keep us posted on how your evaluation goes!