Postgres with SSH Tunnel

Did anyone get it to work? I always run into this error message
Could not establish a connection. Try checking your database firewall configuration and whitelisting Retool's IP Address

Hi Shaohua! debugging these resource connections can be a pain :frowning:
Here’s some info you might find helpful:

Possible error messages with SSH Tunnel:

  • All configured authentication methods failed
  • it means retool can reach the ssh host, but can’t authenticate (the retool pub key isn’t in there? or there’s no retool user?)
  • Channel open failure: Connection refused
  • the ssh tunneling config was good, but the host/port you tried to connect to refused the connection
  • Could not establish a connection. Try checking your database firewall configuration and whitelisting Retool's IP Address
  • you usually get this when you run into a firewall, or when other wonky things happen (e.g. trying to connect postgres to an http port)
  • this can happen if your ssh tunnel configs are wrong, OR if your db host/port are wrong. no way to tell right now unfortunately :frowning:
    here are some things I’d try:
  • just to double check: did you create a retool user on your ssh host, and add the pub key?
  • if you have access to the ssh host, try connecting retool while monitoring the auth logs (tail -f /var/log/auth.log). if you’re not seeing any connection attempts, then you probably didn’t whitelist retool’s IP
  • while debugging, use the proper ssh tunnel configs, but set the db configs to something bogus, e.g. localhost:5555. if the ssh tunnel is fine, you should see the “Connection refused” error, and you’ll know that your db configs are the problem, not the ssh tunnel configs
    does that make sense?

To get the ssh user working on Debian I had to do the following:
chmod 700 /home/retool/.ssh
chmod 600 /home/retool/.ssh/authorized_keys
chown -R retool:retool /home/retool

1 Like