Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-odbc-owner+archive@lists.postgresql.org>)
	id 1rSgI3-00FEG7-0D
	for pgsql-odbc@arkaria.postgresql.org; Wed, 24 Jan 2024 16:39:51 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-odbc-owner+archive@lists.postgresql.org>)
	id 1rSgI2-006PKZ-1W
	for pgsql-odbc@arkaria.postgresql.org; Wed, 24 Jan 2024 16:39:50 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1rSgI1-006PKR-Qg
	for pgsql-odbc@lists.postgresql.org; Wed, 24 Jan 2024 16:39:49 +0000
Received: from sss.pgh.pa.us ([68.162.161.243])
	by magus.postgresql.org with esmtps  (TLS1.3) tls
 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <tgl@sss.pgh.pa.us>)
	id 1rSgHz-003VBr-4V
	for pgsql-odbc@lists.postgresql.org; Wed, 24 Jan 2024 16:39:49 +0000
Received: from sss1.sss.pgh.pa.us (localhost [127.0.0.1])
	by sss.pgh.pa.us (8.15.2/8.15.2) with ESMTP id 40OGdjYN163400;
	Wed, 24 Jan 2024 11:39:45 -0500
From: Tom Lane <tgl@sss.pgh.pa.us>
To: =?UTF-8?Q?Jacobo_S=C3=A1nchez_L=C3=B3pez?= <jsanchez@denodo.com>
cc: pgsql-odbc@lists.postgresql.org
Subject: Re: ssh tunneling
In-reply-to: <6df41445-10f5-42bf-a4c2-48ceaad4f35c@denodo.com>
References: 
 <CABbEOvy27FC4ECcGQcPY6u7LCHWqjJT98_2=bfWVCVqCOdYkgA@mail.gmail.com>
 <CADK3HHKTNcd5xaTogEPkt0JVSfxNrfg9_UCSVuz0tw+5HvVQXg@mail.gmail.com>
 <CADK3HH+oW+6b4U4gEfVmp_7ts5XMjN0ZQN7e=tH8psxgmwj4Kw@mail.gmail.com>
 <SA1PR17MB53505C81C0DD3D297B7247BFBE742@SA1PR17MB5350.namprd17.prod.outlook.com>
 <6df41445-10f5-42bf-a4c2-48ceaad4f35c@denodo.com>
Comments: In-reply-to =?UTF-8?Q?Jacobo_S=C3=A1nchez_L=C3=B3pez?=
 <jsanchez@denodo.com>
	message dated "Wed, 24 Jan 2024 09:39:37 +0100"
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-ID: <163398.1706114385.1@sss.pgh.pa.us>
Content-Transfer-Encoding: quoted-printable
Date: Wed, 24 Jan 2024 11:39:45 -0500
Message-ID: <163399.1706114385@sss.pgh.pa.us>
List-Id: <pgsql-odbc.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-odbc@lists.postgresql.org>
List-Owner: <mailto:pgsql-odbc-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-odbc>
Archived-At: 
 <https://www.postgresql.org/message-id/163399.1706114385%40sss.pgh.pa.us>
Precedence: bulk

=3D?UTF-8?Q?Jacobo_S=3DC3=3DA1nchez_L=3DC3=3DB3pez?=3D <jsanchez@denodo.co=
m> writes:
> Maybe the original message is about SSH proxy instead of tunneling?
> The PostgreSQL protocol makes a SSH upgrade instead of starting the =

> communication with SSH handshake and that is a problem when using some =

> SSH proxies/load balancers which are nowadays common in cloud =

> environments. I also wish there was a way to connect directly to a SSH =

> socket but that is not about the driver but how PostgreSQL communication=
 =

> protocol I guess.

FYI, there's some work going on to make it possible to begin the
connection with an SSL handshake:

https://www.postgresql.org/message-id/flat/CAM-w4HOEAzxyY01ZKOj-iq=3DM4-VD=
k=3DvzQgUsuqiTFjFDZaebdg@mail.gmail.com

If you'd like to see that move along, review and especially
testing of the proposed patch would help make it happen.

			regards, tom lane