SSH key

SSH key integration is the most secure way to store SSH keys in Deepnote. We add your private key as environment variable so you can use it to connect to remote machines or create tunnels to service within cloud services not accessible on public internet.

To create the integration, click on integration seen on the left-hand sidebar menu. From there, you can be taken to a modal similar to what is seen below by clicking on SSH key.

Copy the private key (commonly stored as .pem file) to the text box and give descriptive name to the integration (eg. AWS Redshift Tunnel key). After the integration is created, mount it to the project. Using a key stored in the environment integration is not trivial but you can use ssh-agent as outlined below.

You can use the stored ssh key to create an SSH tunnel or simply connect to a remote machine. To connect, you can use the following snippet in the terminal.

eval "$(ssh-agent)" > /dev/null && \
echo "$TEST_SSH_KEY" | ssh-add - > /dev/null && \
ssh <user>@<host>

To create a persistent tunnel, you can add the following snippet to the init.ipynb notebook that you can edit in the Environment tab.

!eval "$(ssh-agent)" > /dev/null && \
echo "$TEST_SSH_KEY" | ssh-add - > /dev/null && \
ssh -f -N -4 -L <port>:<endpoint>:<port> <user>@<host>

Creating tunnels is useful mainly to connect to services hidden inside your VPC behind a "bastion host".