microsoft
Feature request: built-in SSH tunneling
- SQL Operations Studio Version: 0.24.1
Steps to Reproduce:
- Create a new server connection
- As Server name, specify one that isn't directly reachable from your client
I've seen this offered in various other RDBMS clients such as PSequel and related admin tools such as Royal TSX, but notably not in SQL Server Management Studio.
GUI-wise, PSequel solves this with a [ ] Use SSH Tunneling checkbox that reveals the additional field SSH Host, Port, and User, as well as Identity File. Typically (but not necessarily), in this configuration, the Server name field would then be filled with localhost or similar.
Internally, you first set up an ssh connection with a client-to-server port forwarding (typically, of port 1433), then run the database connection against that forwarded port. For example:
ssh -NL 1433:localhost:1433 myUser@theRemoteServer
Here, theRemoteServer runs both SQL Server (on port 1433, but not publicly accessible) and an SSH server (on the default port 22, and accessible).
This feature's purpose is to:
- alleviate the need to manually run the above ssh command manually each time
- attach the SSH configuration to the SQL configuration
I was really hoping with the addition of PostgreSQL that this would bubble up to the top of the list.
Should this not be directed to the Postgresql Add-on. Or could this be built as it's own add on?
it would be great to see this for all connection types and it's a common feature in other sql gui's
Would something like the the VS Code Remote SSH extension (i.e. https://marketplace.visualstudio.com/items?itemName=ms-vscode-remote.remote-ssh#:~:text=Visual%20Studio%20Code%20Remote%20-%20SSH%20The%20Remote,and%20troubleshooting%20in%20a%20wide%20variety%20of%20situations.) be a good solution for this problem? It provides ssh tunneling and connections would be initiated from the remote machine. Or is this request really only for the ssh tunneling functionality?
The VSCode remote capabilities work by starting a 'server' instance on the remote and I don't think that's really needed or generally useful in this case. All I really need is for DataStudio to automate something like:
- Create an ssh tunnel using
ssh -L<local unused port>:<db host>:1433 <remote host> - Create a db connection using
localhost:<local port from above>
The ssh connection can be configured to not open a terminal, for better security. Preferably libssh or the openssh cli client should be used so I can configure all my connection parameters in ~/.ssh/config like normal and use ssh-agent for authentication just like a normal ssh connection.
Man support for this natively would be nice. Took me quite a few tries to figure out how to get it to work with a custom local port.
(I'm doing this because i have several simultaneous connections to many postgresql servers and you cant use the same port more than once -- duh.)
If this is helpful to anyone else:
open a CLI and open a SSH with port forwarding in the typical way like this:
ssh -L 6543:localhost:5432 uname@remotehost
But when you create your connection, click advanced and enter the custom port but ONLY the custom port (the local port -- 6543 in this example).
I was typing localhost in the hostname on the basic page (correct) AND 127.0.0.1 in the ipaddress on the advanced page (not correct!) and it was failing. as soon as I blanked out the ip but left the port -- poof it works.
Very much looking forward to leaving dbeaver behind -- as i'm a long time SSMS guy i find it ... uncomfortable.
Thank you for opening this suggestion! This enhancement is not planned in our medium-term roadmap. The issue is being closed to reduce active issues to focus on enhancements that are being considered for an upcoming release. We will review closed issues with the 'Out of Scope' label when doing long-term planning.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Now that private endpoints are generally available in Azure especially this becomes more than a nice to have. Not just for Postgres - it is only an example here because this works so well in PGAdmin4 (the rest of which might be flaky but improving). Datagrip has it. Yes you can do it manually, and you don't need additional loopback ip's (useful for some, though).
The lack of tunneling is single-handedly stopping me from using this product.
This should be a high priority. Anyone running a cloud server who isn't comfortable simply exposing the database to the web needs this feature to use ADS at all. I'd like to use ADS for my latest project, but I simply cannot because of the lack of this long-since-requested fundamental feature. Please reconsider your decision not to implement it.
This is still out of scope? It's coming up on its 5yr anniversary! It's old enough to go to school now! "chucker opened this issue Dec 26, 2017"
Wanted to +1 on this issue, given that this request is one of the oldest and most active feature requests in the backlog right now I'm really hoping MS considers this when planning for the release after February.
https://xkcd.com/2881/ - so at what point are we going to start a party convention for ADS ssh?
@reukiodo yep, this is so old, that I even meet @NovaLogicDev that is using practically same nickname:-) I believe we're ready to make a party, or , maybe to prepare a rally for the ADS ssh support
Interesting, would be 10 years enough for MS to implement ssh tunnelling?:))))))
It would be nice if we could get @kburtram and @cheenamalhotra to comment on the current status of this request. Perhaps there is someone else we should be escalating this request to if either of you is not responsible for planning this project.
perhaps @Charles-Gagnon @kisantia or @smartguest as they are leading active contributors to this repo.
