SSH Tunnels

Included in all types of instances, SSH tunnel provides protection for the data you transmit via the Internet and import into the Bloomreach Engagement application. It is more secure to expose the SSH tunnel as the only gateway to your network than to leave your databases and ports open to the internet. SSH tunnels use SFTP (SSH File Transfer Protocol).


SHA1 Deprecation

SHA1 deprecation was announced on 2021-08-20 by OpenSSH as there are easy and cheap ways how to perform an attack on this algorithm. We've added SHA2 signing algorithm support for SSH-based connections, and SHA1 signing algorithms were deprecated. Customers using OpenSSH servers newer than 5.9 (released on 2011-09-06) should not be affected by this change.

Setting up SSH tunnel integration

To use the feature you will need one of the following database integrations:

  • MySQL
  • PostgreSQL

After you ensure that your project has one of the integrations, follow these steps:

  1. Navigate to Data & AssetsIntegrations
  2. Edit the existing database integration
  3. Scroll down until you see the SSH tunnel section and enable the checkbox
  4. Select an existing SSH tunnel and save the integration

Your database integration now uses an SSH tunnel to communicate with Bloomreach Engagement.


Public (static) IPs are not supported for SSH tunnels. You can either have the static IPs enabled or SSH tunnel enabled.

To read more technical information on how to set up SSH tunnels, go to Databases & Secure connections article.