Skip to main content

SSH tunneling

SSH tunneling, or SSH port forwarding, is a method of transporting arbitrary data over an encrypted SSH connection. SSH tunnels allow connections made to a local port to be forwarded to a remote machine via a secure channel.

DronaHQ supports connecting to several databases that are hosted within a private network via SSH tunneling.


  • DronaHQ should have access to a remote machine (SSH tunnel) which should be on same private network where database is hosted.
  • To authorize DronaHQ to connect to the host, add the contents of the public key in use in /home/user/.ssh/authorized_keys.

Configuring SSH tunneling in DronaHQ

To configure SSH tunneling, Go to Connectors -> + CONNECTOR -> Select Supported DB, in this case MySQL and enable this toggle named Enable SSH tunneling.

Configure SSH
Configure SSH

Once SSH config is enabled, user will be prompt with few additional fields.

Secure ServerA bastion host, provides access to a private network from an external network.
SSH PortThis port is used for Secure Shell (SSH) communication and allows remote administration access to the VM, default port is 22.
SSH KeysPrivate key used for SSH authentication.

If you need very safe communication, change the default SSH port number. It will help you not to face the brute force attack.

Manage SSH keys

To manage ssh keys for SSH tunneling, Go to Account Settings -> SSH Key management.

Manage SSH key
Manage SSH keys

If you have not configure any SSH key yet, you can add new ssh key pair to your account. Go to Account Settings -> SSH Key management -> +Add Key.

Add SSH key
Add SSH key


Secure access to databases is one of the primary use cases in the DevOps world. Exposing critical databases to the internet directly increases risk. Thus, SSH tunnels are recommended.