Re: using ssh-agent

From: berenger(dot)morel(at)neutralite(dot)org
To: <pgadmin-support(at)postgresql(dot)org>
Subject: Re: using ssh-agent
Date: 2014-04-23 13:01:34
Message-ID: ef0088bde92005d90ee46ff812389090@neutralite.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgadmin-support

Sorry for long time before replying, I have lot of things to do those
days...

Your solutions sounds like an interesting one, I'll give it a try when
I will have some time. I'm still not an expert about ssh, so I did not
thought/known about port redirection.

Le 18.04.2014 16:38, Rick Dicaire a écrit :
> I haven't looked at pgadmin in quite some time, didn't know they
> added
> ssh functionality, but the following would work in any case:
>
> ssh -args -L5432:remote_host1:5432 user(at)remote_host1
> ssh -args -L5433:remote_host2:5432 user(at)remote_host2
>
> configure pgadmin sessions to connect to localhost:5432, and
> localhost:5433, voila.
>
> Sorry if this doesn't give you what you want
>
> On Fri, Apr 18, 2014 at 9:53 AM, wrote:
>
>> I am trying to make pgadmin using a ssh tunnel. I do not want to
>> install a xorg server on production servers just for pgadmin :) (
>> plus the fact that I would have to run a pgadmin on every server
>> with a db... definitely a no-go. )
>>
>> In more verbose:
>> I have pgadmin installed on my localhost Debian, i3 ( my window
>> manager ) is started with "ssh-agent startx" in ~/.bash_profile, so
>> that I am able to use ssh-add to add my keys, and then to use ssh
>> without it asking me my passphrases constantly. This works fine.
>>
>> I have added servers in pgadmin with uses the tab "SSH Tunnel",
>> enabled "Use SSH tunneling", filled "Tunnel host", "Username",
>> selected "identity file", and of course I have given Identity file.
>> When I try to connect, pgadmin asks me the postgresql password (
>> this is normal ), and then my passphrase ( this is not normal,
> since
>> I have added my passphrase to ssh-agent through ssh-add ).
>>
>> When I have given the identifiers pgadmin wants, things works (
>> only had few crashes, but not easy to reproduce, and I do not have
>> any information about the reason, I do not always start pgadmin
> from
>> terminal... ). The only problem is, is it possible to make pgadmin
>> using ssh-agent stuff, like in commandline ssh usual commands?
>> Because I connect to exactly 2 distant servers, and I do not like
>> to enter my passphrases everytime there is a connection problem, a
>> crash, or whatever. It would be really nicer if I could only type
>> the 2 postgresql passwords ( which is still annoying, but I do not
>> know if it can be helped. )
>>
>> PS: no need to make me in CC, I have subscribed to the list.
>>
>> Le 18.04.2014 13:07, Rick Dicaire a écrit :
>>
>>> Berenger, are you wanting to tunnel the pgadmin connection to the
>>> db
>>> servers, or ssh X11 forward a remote pgadmin app to local
>>> desktop, or
>>> ...?
>>>
>>>  On Fri, Apr 18, 2014 at 4:33 AM,  wrote:
>>>
>>>> Hello.
>>>>
>>>> Is it possible to use pgadmin in combination with ssh-agent?
>>>> I have configured ssh-agent and my Xorg session and it works
>>>> well
>>>> in command-line ( a ssh-add on a terminal allows any ssh
>>>> connection
>>>> on any other terminal ) but it seems pgadmin does not look at
>>>> ssh-agent keys, which makes mandatory to type the passphrase
>>>> to the
>>>> system, and the password of the postgresql user I'm trying to
>>>> connect. Since I use that ssh connection to connect to 2 DB
>>> servers,
>>>
>>>> I have to type 4 passwords each time I'm trying to (re)connect,
>>> when
>>
>> --
>> Sent via pgadmin-support mailing list
>> (pgadmin-support(at)postgresql(dot)org [3])
>> To make changes to your subscription:
>> http://www.postgresql.org/mailpref/pgadmin-support [4]

In response to

Browse pgadmin-support by date

  From Date Subject
Next Message Kal Black 2014-04-23 15:37:48 WAL archiving from a standby backup strategy Postgresql 9.3
Previous Message Rick Dicaire 2014-04-18 14:38:44 Re: using ssh-agent