Connect with an SSH tunnel

You can set up an SSH tunnel to connect to Vertica. This can be useful in cases where the client or Vertica server is on a private network.

You can set up an SSH tunnel to connect to Vertica through a proxy server. This can be useful in cases where the client or Vertica server is on a private network.

Server on private network

If the Vertica server is on a private network, run ssh -R to configure remote port forwarding on the Vertica server host. For example, to let the client connect to Vertica through a proxy hosted on proxy.example.com:9595:

  1. On the proxy server, add GatewayPorts yes to /etc/ssh/sshd_config.

  2. On the proxy server, restart the SSH service:

    $ sudo systemctl restart ssh

  3. On the Vertica server host, run:

    $ ssh -N -R 9595:localhost:5433 user@proxy.example.com

  4. On the client host, run the following to connect to Vertica through the proxy server:

    $ vsql -h proxy.example.com -p 9595

Client on private network

If the client machine is on a private network, run ssh -L on the client to configure local port forwarding. For example, to let the client use localhost:9595 to connect to Vertica hosted on vertica.example.com:5433 through a proxy on proxy.example.com:

$ ssh -N -L 9595:vertica.example.com:5433 user@proxy.example.com

You can then connect to Vertica from the client:

$ vsql -p 9595