The Gateway simplifies hosting services behind a firewall: It enables you to tunnel connections through an SSH server.
Configuring Local Database Access
The connection from the SQL Gateway to the SSH server is a reverse SSH tunnel; after authenticating the SQL Gateway, the server automatically forwards remote connections.
Along with the Host and Port in the Remote Server section, you need to specify the credentials needed to perform SSH authentication. You also need to have already created a service and selected the "Enable on Gateway" option on the Services tab.
Authenticating to the Server
Select one of the following options in the Auth Mode menu in the Remote Server section and then click Test SSH Connection to initiate a login to the SSH server.
In this authentication method, the SQL Gateway logs in with the username and password of a user account on the machine running the SSH server. The password is securely sent through the encrypted SSH tunnel.
Public Key Authentication
You will need a key pair to perform this authentication method. Specify a digital certificate or create a certificate to obtain a key pair: Click the button in the Certificate box.
Private Key: Select the private key from the Windows certificate stores, from a .pfx file, or from a .pem file.
Public Key: Click Export Public Key to save the public key as an OpenSSH public key, an SSH2 public key, or an X.509 public key certificate.
The public key is configured on the server and used to encrypt data that can only be decrypted by the private key. The SQL Gateway uses the private key to decrypt data packets from the server and to authenticate.
In the Advanced Settings section, you can configure SSH connection behavior:
- Timeout: Configure the seconds the connection is allowed to idle.
- Auto Reconnect: Select whether the SQL Gateway will attempt to reconnect when the SSH connection is lost.
- Reconnect Count: Enter the number of reconnection attempts the SQL Gateway will make when the connection is lost. A value of -1 signifies that the SQL Gateway will attempt to reconnect indefinitely.
- Reconnect Interval: Select the retry interval, in seconds.