Security - SSH Tunnel

SSH tunneling provides a versatile and robust method for establishing secure connections between systems, even over untrusted networks such as the internet. By encapsulating your data within SSH protocols, you can securely access resources, databases, APIs, or any other services hosted on remote servers, without exposing them directly to the public internet.

Creating ELT Connection

  1. On Connection options of Source or Destination creation, select Connect via secure tunnel. Select Create a new tunnel and click Use SSH
  2. Supply the region, tunnel name and the SSH tunnel details. Click Create SSH Tunnel to create the tunnel
  3. Copy the SSH Public Key by clicking the Copy button and prepare your tunnel host for access.
  4. Once your tunnel host is prepared, click Test Tunnel Connection to test the connection. If connection is successful, you should see the Active check.

Preparing the tunnel host

You will need to prepare your host (either bastion host or tunnel server) by creating an ELT user. Here’s how:

  1. Create group ELT
    sudo groupadd integrate-io
  2. Create user ELT and its home directory:
    sudo useradd -m -g integrate-io integrate-io
  3. Switch to the ELT user
    sudo su - integrate-io
  4. Create the .ssh directory and change permission
    mkdir ~/.ssh && chmod 700 ~/.ssh
  5. Create the authorization_keys file and change permission
    touch ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys
  6. Add the previously copied public key to the authorized_keys
    echo '<SSH public key>' >> ~/.ssh/authorized_keys

  7. Allow access to your server's host and port from ELT's IP addresses.