A Secure Shell (SSH) tunnel consists of an encrypted tunnel created through an SSH protocol connection. Users may set up SSH tunnels to transfer unencrypted traffic over a network through an encrypted channel. The purpose of the document is to specify the steps needed in order to securely connect a Sisense Server machine to a data source behind a firewall. Follow the steps below to set up an SSH tunnel between Sisense and your data source.
Part 1: Install and configure freeSSHd server on the Data Source Machine
This part of the document describes the steps for installing the SSH server, freeSSHd, and then guides you with the configuration setup.
- Go to the http://www.freesshd.com/?ctt=download and download the latest stable version of freeSSHd onto your local machine
- Double click the downloaded freeSSHd.exe file to start the installation
- Follow the instructions on the Welcome screen and click Next
- Accept the default value or Browse and select the location of your choice for and click Next
- Ensure that the Full Installation is selected and click Next
- Click Next on the next screen to accept the default start menu folder
- Accept the defaults on the next screen to create a desktop icon and click Next
- Verify and click Finish on the summary screen. The installation takes less than a minute depending upon the system resources
- Click Close in Try Other Product screen
- Select Yes from the Setup pop-up window to create Private keys
- Click Yes in the next Setup window shown below:
- Click Finish to exit setup
- Select Start > Programs > freeSSHd > freeSSHd
- Click the FreeSSHDService icon at the bottom tray
- The freeSSHd settings window is opened:
- Click Telnet tab from the top and ensure that the Port number is 22
- Click the Authentication tab. Browse and select or accept the default Public key folder. Make a note of this folder as you are going to use this while generating the public/private key later in this lab .
- Add a user without public key authentication: sftpuser1
- Click Users tab from the top of the settings window
- Click Add…
- Provide the values as shown below in the User properties window
- Login: enter any value, for Ex: sftpuser1 (This is the user name to connect to your FTP server)
- Authentication: select Password stored as SHA1 hash from the drop down menu
- Password: enter any value, for Ex: password
- Password (again): enter the same value entered for the above field
- Select the box next to SFTP,SHELL,Tunneling
- You should now see sftpuser1 added under Users tab
Part 2: Open an exception in the Windows Firewall
- Go to Start -> Administrative Tools -> Windows Firewall with Advanced Security.
- Next, Click on Inbound Rules, then on New Rule.
- Next, to add a Port rule .
- Select TCP port 22 only .
- Select the defaults to Allow the Connection, apply this to All domains, and give the rule a Name of your choice.
Part 3: Set up the SSH Client
- Go to https://www.bitvise.com/ssh-client-download and download Bitvise SSH Client
- Run the installer, accept the terms, select installation folder and click install:
- Fill in the SSH server details, i.e. host IP or DNS name and the username/password you set up in the SSH server (i.e. sftpuser1). Please note you need to select password as the Initial method for Authentication:
- Click on login. You should now be connected to the SSH server:
- You should now be able to connect to the data source from the Elasticube manager by using IP/Hostname you specified in the Bitvise client.