unix

SSH Tunnel for PostgreSQL Connection on AWS EC2

AWS has become a fairly ubiquitous hosting option for small companies.  But developers typically work on local dev setups outside the host and occasionally need access to the main dev and staging databases located on AWS.  How do you do this and still run in a secure environment?  One thing you don't do is poke a hole in AWS' firewall and run PostgreSQL's port in the open.

tags: 

SMB+SSH: Ubuntu server and OSX client

The title above is pretty close to the Google search query I used in vain to find a recipe for tunneling an OSX Samba client to an Ubuntu 14.04 server. Hopefully this post will save someone the hours I spent trying to set this up.

In the end, like so many Unix projects, the answer turned out to be simple. All that's needed is a configured and functioning Unix/Linux Samba and SSH server .   Everything else is on the client side.

I'm not unfamiliar with Samba. I ran it for years between a FreeBSD Unix server and Windows XT workstation. It had its quirks, and still does. When I dumped Windows for a shiny, new Mac Pro in 2009, I switched to NFS. But with each successive OSX upgrade, NFS got flakier to the point where it became useless so I returned to Samba.  But Samba is inherently insecure outside of a trusted LAN so for out-of-office occasions I started using SSHFS. Unfortunately, SSHFS relies on deprecated, third-party software on the OSX side and it was s..l..o..w.  My PHP Storm IDE was grinding through directory refreshes after Git checkouts.

With the release of OSX Mavericks 10.9, Apple announced that it was dumping yet another networking protocol -- it's own greybeard AFP. To replace it, they embraced SMB2. Or... ta da... Samba. Technically, SMB2 isn't officially Samba however OSX has unofficially supported Samba clients for several operating system releases.  Samba(tm) (the Unix server) is actually a product of the open source team at Samba.org.  SMB is an acronym for Server Message Block, which is a proprietary Microsoft protocol. Samba is built to the published white paper spec for SMB.