Skip to content
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
69 lines (48 sloc) 2.1 KB

Automates ssh connectivity to MindSphere applications running in CloudFoundry.

When running MindSphere applications, ssh access requires several steps. To aid in this task, the script provides the following functionality:

  • Automates the generation of the required one-time password
  • Tunnels appropriately ssh connections when proxy settings are detected

Tested in Debian Linux 9.5 and macOS 10.13+


  1. Assumes that access to the appropriate CloudFoundry deployment has been correctly setup in the environment, particularly 'cf target' and 'cf apps' work properly

  2. The following shell commands are available in the environment:


How to ssh to a running application -v -a my-app

How to open a local tunnel to a remote application port

The following command tunnels local port 8080 to remote port 80: -v -a my-app -- -L8080:localhost:80

Multiple ports are also possible, the options after -- are just standard OpenSSH options: -v -a my-app -- -L8080:localhost:80 -L8081:localhost:8081

How to open a local tunnel to a remote db service

MindSphere does not allow direct ssh access to services, so an intermediate reachable application that is bound to the service is needed.


  1. Obtain the db connection details by checking the environment variable VCAP_SERVICES of the application bound to the service (use cf env <app>)

  2. Extract from this data: db url, db port, user, password

  3. Create an ssh tunnel, forwarding a local port to the remote one: -v -a my-app -- -L8888:<db-url>:<db-port>
  4. Now in a different terminal, using your preferred db browser, connect to the db using the local tunnel at localhost:8888, providing the user and password you extracted earlier

You can’t perform that action at this time.