ODBC Driver for Amazon Redshift

SSH Connection to Amazon Redshift via ODBC Driver

Connecting to Amazon Redshift Using SSH

This section discusses how to connect to Amazon Redshift through SSH. Secure Shell (SSH) is cryptographic network protocol for secure remote login, command execution and file transfer over untrusted networks. SSH uses client-server architecture, connecting an SSH client with an SSH server. The client and server authenticate each other and pass commands and output back and forth. To secure the transmitted data, SSH employs forms of symmetric encryption, assymetric encryption, and hashing.

In symmetric key cryptography, a single key is used by the sending and receiving parties to encrypt and decrypt messages. Assymetric encryption requires two associated keys, the private key and the public key. The public key encrypts messages that can only be decrypted by the private key. The public can key can be freely shared with anyone to autenticate another party, while the private key must be kept secret. The client public key must be stored in a location that is accessible by the SSH server to authenticate the server by the client; conversely, the server public key must be placed on the client side to authenticate the client by the server. Assymetrical encryption is used during the initial key exchange process to produce the shared secret (session key) to encrypt messages for the duration of the session.

The SSH server listens on default port 22 (this port can be changed) for incoming TCP connections. The SSH client begins the initial TCP handshake with the server and verifies the server's identity. The client and server agree upon the encryption protocol and negotiate a session key. The server then authenticates the client and spawns the right environment. The ODBC driver for Amazon Redshift implements the SSH client feature to connect to the SSH server on the remote machine at the specified port. The SSH server authenticates the client and enables the driver to establish a secure direct connection to Amazon Redshift. Below is a simplified diagram representing the SSH tunneling.

SSH-scheme

Note: You don't have to install the SSH client since ODBC Driver for Amazon Redshift implements the SSH client functionality.

SSH Connection Options

To establish an SSH connection to Amazon Redshift, specify the connection parameters on the SSH Options tab under Security Settings.


SSH Connection in ODBC Driver for Amazon Redshift

SSH Connection Options:

Option

Description

Use SSH

Enables SSH connections.

SSH Host name

The host name or IP address of the SSH server.

SSH Port

The SSH port number (22 by default).

SSH User Name

The username for the account on the SSH server.

SSH Password

The password for the account on the SSH server.

SSH Client Key

The filename of the client private key for key-based authentication.

SSH Client Key Password

The passphrase for the client private key.

SSH Server Key

The filename of the SSH server public key.

SSH Storage Path

The directory where the encryption keys are stored.

Sample Connection String:

DRIVER=Devart ODBC Driver for Amazon Redshift;Data Source=myHost;Database=myDatabase;User ID=myUsername;Password=myPassword;Port=myPort;Use SSH=True;SSH Host name=mySshHost;SSH User Name=mySshUsername;SSH Password=mySshPassword;SSH Client Key=myPrivateClientKey.pem;SSH Client Key Password=myClientKeyPassphrase;SSH Server Key=myPublicServerKey.pem;SSH Storage Path=myDirectoryWithKeys

© 2015-2021 Devart. All Rights Reserved. Request Support ODBC Forum Provide Feedback