Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
ENGINE YARD
November 20, 2017 16:28
FOLLOW
Your database instance is not directly accessible from outside the environment. This is a good
thing because a database cannot reliably maintain the security and patch levels like SSH can.
However, it means that to access your database from an external database tool, such as
pgAdmin, MySQL Workbench, or SQLyog, you need to create an SSH tunnel to your database
host/instance.
For example, you want to run pgAdmin or MySQL Workbench on your laptop and you want to
use this tool to examine your application database: You create an SSH tunnel from your laptop
(the local) to your database instance (the remote) on Engine Yard Cloud.
Prerequisites
Create an SSH tunnel manually
Create a SSH tunnel in the background with a custom Chef recipe
UNIX-based systems
ENGINE YARD
September 11, 2015 22:26
FOLLOW
If you need to access an instance in your applications environment, you can login via SSH.
Engine Yard enables login access to application instances via SSH. We have standardized on
the secure practice of using key based authentication. This protects our customers’ instances
from brute force attacks against a user/password based authentication. An added benefit of key
based authentication is the ability to login to an instance without a password.
The command you run from a *nix based command line terminal is this:
$ ssh-keygen -t rsa
You should see a similar output to the following:
Outcome
Upon completion of the key generation command, two files have been generated in the location
you specified to save the key. The default location is in a .ssh directory in your home directory.
You should see the following files in ~/.ssh:
id_rsa
id_rsa.pub
The id_rsa.pub file is the public key file that you’ll upload to Engine Yard Cloud.
Next step
Add your public key to Engine Yard Cloud.
If you have feedback or questions about this page, add a comment below. If you need help,
submit a ticket with Engine Yard Support.
Windows-based systems
ENGINE YARD
October 05, 2018 08:49
FOLLOW
On Windows, there are a number of ways to create an SSH keypair, including RailsInstaller,
PuTTY, and Cygwin. Engine Yard supports the RailsInstaller method because it is straight-
forward.
Create keys
Add keys to Engine Yard Cloud
To create keys
RailsInstaller automatically creates SSH keys in ~/.ssh C:\Users\<user_name>\.ssh. To re-
create them, follow the steps below. This procedure uses unix-style commands and paths
because that is what git-bash uses.
cd ~
3. Generate the SSH keys: (make sure to use a strong password or Engine Yard Cloud will reject
it)
ssh-keygen -t rsa
4. Change the permissions of the SSH folder and keys:
notepad ~/.ssh/id_rsa.pub
b. Copy the key to the clipboard.
notepad ~/.ssh/id_rsa.pub
6. Paste the key (copied in Step 1b) into the Public Key field.
7. Select the environments that you want to add this key to. If you don’t have any environments,
this key is automatically added to the ones you create.
Next step
Install your public key to your application environment(s).
If you have feedback or questions about this page, add a comment below. If you need help,
submit a ticket with Engine Yard Support.
FACEBOOK
TWITTER
LINKEDIN
Comments
Please sign in to leave a comment.
Related articles
Access Your Database Remotely Through an SSH Tunnel
Set up SSH keys
Add an SSH key to an Environment
Obtain and Install SSL Certificates for Applications
Set Up Your Application and Environment
[local port] The local port your database tool connects to.
If you have a MySQL installation on your local machine, it runs on port 3306 by default;
therefore, don’t use 3306 for the local port. For example, use 3307 instead.
If you have a PostgreSQL installation on your local machine, it runs on port 5432 by default;
therefore, don’t use 5432 for the local port. For example, use 5433 instead.
[database host] The hostname or IP address of the database instance that you are tunneling
to. If the [remote host] is the database instance you will want to set this to 127.0.0.1 (so it refers
to itself). If you used an application instance as [remote host] then you can use the value of
"host:" from your database.yml instead.
[remote port]The port that your remote database listens for connections on.
For MySQL databases, this is 3306 by default.
For PostgreSQL database, this is 5432 by default.
[username] the user for the database instance. The default user for the Engine Yard Cloud
database is deploy.
[remote host] the remote instance your tunnel will connect to the database through. This can
be the database instance itself, or any instance within the database environment.
The tunneling command opens an SSH session with the [remote host] specified. The tunnel
will work as long as that SSH session is active. If the session window is consuming valuable
workspace we recommend minimizing it as running tunnels in the background can lead to
multiple tunnels and port conflicts.
ssh -L 3307:ec2-172-16-139-19.us-west-1.compute.amazonaws.com:3306 \
deploy@ec2-174-129-17-196.compute-1.amazonaws.com
where
3307 is the local port,
ec2-172-16-139-19.us-west-1.compute.amazonaws.com is the database host,
3306 is the listening port,
deploy is the database username, and
ec2-174-129-17-196.compute-1.amazonaws.com is the remote host.
2. Before connecting the external database tool such as MySQL Workbench or SQLyog, test the
connection with a simple tool such as the database console, mysql.
(Your tunnel needs to be running for this test.)
Type
ssh -L 5433:ec2-172-16-139-19.us-west-1.compute.amazonaws.com:5432 \
deploy@ec2-174-129-17-196.compute-1.amazonaws.com
where
5433 is the local port,
ec2-172-16-139-19.us-west-1.compute.amazonaws.com is the database host,
5432 is the listening port,
deploy is the database username, and
ec2-174-129-17-196.compute-1.amazonaws.com is the remote host.
2. Before connecting the external database tool such as pgAdmin, test the connection with a
simple tool such as the database console psql.
(Your tunnel needs to be running for this test.)
Type
An init script that sets up the SSH tunnel from the instance in the background
A config file to have monit watch over the tunnel and keep it open
More information
For more information
See...
about...
Find key information about your
Finding database hostname and password
database.
If you have feedback or questions about this page, add a comment below. If you need help,
submit a ticket with Engine Yard Support.