SSH Tunnels

SSH tunnels let OrcaQ reach private databases through a bastion or jump host without exposing the database directly to the public internet.

Required fields

A typical SSH tunnel setup includes:

SSH Host: bastion.example.com
SSH User: deploy
SSH Key: ~/.ssh/id_rsa
Database Host: internal-db.local
Database Port: 5432

When to use SSH

Use SSH tunneling when:

• the database is only reachable from a private network
• access should go through a controlled bastion host
• you need to avoid opening database ports publicly
• your team already manages SSH keys for infrastructure access

Security notes

Keep private keys protected, rotate access when team members leave, and combine SSH access with database-level credentials and environment tags.

Related Topics

• Database Connections
• Strict Mode
• Environment Tags