0

I'm attempting to reach my private Postgres database that is connected to a private linux instance. When I access it through terminal, I have to first SSH to the bastion instance and then using the same PEM file SSH into the private linux instance from where I can access the database. I wish to reach this database with python using sqlalchemy. I have read about SSH port forwarding but I'm having trouble. I've found this example, but I'm unclear where I enter the address of the private instance, I've tried using the address in the remote_bind_address but that threw and error.

could not translate host name to address

with SSHTunnelForwarder(
        ('xxx-x-xx-xx-xxx.us-west-2.compute.amazonaws.com'), """bastian server"""
        ssh_username="buntu",
        ssh_pkey="fourmm.pem",
        remote_bind_address=('Address of private instance?', 22)
) as tunnel:
    print("****SSH Tunnel Established****")
    engine = create_engine(
        "postgresql://postgres:XXXXXXXxxxxxxx@xxxx-xx.cluster-xxxxxx.us-wesr-.rds.amazonaws.com:5432/postgres",
        echo=True, future=True)
Robert Marciniak
  • 163
  • 1
  • 2
  • 14
  • [python - Using SSHTunnelForwarder to connect to a MySQL db via SSH - Stack Overflow](https://stackoverflow.com/questions/37980493/using-sshtunnelforwarder-to-connect-to-a-mysql-db-via-ssh) – John Rotenstein May 31 '21 at 22:18
  • Thank you for the link. I've looked at this previously, however, in my case I need to SSH->bastian server --> ssh--> private server ->database. So, it seems to me I have an additional step that I'm not sure how to incorporate – Robert Marciniak Jun 01 '21 at 15:33
  • Yes, port forwarding can only help with "two hop", not "three hop". Why can you not connect from the bastion to the database? – John Rotenstein Jun 01 '21 at 23:08
  • The private server will host my app which will communicate with the database, but I just need local access for development. Currently the bastion server has no connection to the DB. I suppose I could try to look into that. I have found this recently: https://stackoverflow.com/questions/40644407/ssh-tunnel-forwarding-with-jump-host-and-remote-database. But I don't understand how setting up a ~/.ssh/config affects the SSH python script but I think the answer lies here. – Robert Marciniak Jun 02 '21 at 15:14
  • I notice that your postgres url contains `us-wesr-`, which should be `us-west-` -- typo? – John Rotenstein Jun 02 '21 at 23:01
  • unfortunately not, just an artifact. I've given up and just enabled bastion to DB. Thanks anyhow. – Robert Marciniak Jun 03 '21 at 22:33

0 Answers0