# Configuring Db2 for LUW workspace data connections During workspace creation, under **Connection Type**, click **Db2 for LUW**. ## Connecting to the source database In the **Source Settings** section, you provide the connection information for the source database. ### **Providing the connection details** To provide the connection details for the source database: 1. In the **Server** field, provide the server where the database is located. 2. In the **Database** field, provide the name of the database. 3. In the **Port** field, provide the port to use to connect to the database. 4. In the **Username** field, provide the username for the account to use to connect to the database. 5. For **Password**, you can either specify the password manually or, if secrets managers are available, you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret). 6. To test the connection to the source data, click **Test Source Connection**. ### **Ensuring encryption of source database authentication** The **Enable SSL/TLS** setting indicates whether to encrypt source database authentication. By default, it is in the on position. We strongly recommend that you do not turn off this setting. ### Trusting the server certificate To indicate that Tonic Structural should trust the server certificate, toggle **Trust Server Certificate** to the on position. ### Connecting through an SSH bastion For additional security, to connect through an SSH bastion : 1. Toggle **Enable SSH Tunnel** to the on position. 2. In the **SSH Host** field, provide the host for the SSH bastion. 3. In the **SSH Port** field, provide the port for the SSH bastion. 4. In the **SSH User** field, provide the name of the user to use to connect to the SSH bastion. 5. If you do not use a private key, then in the **SSH Passphrase** field, provide the passphrase to use for authentication.\ \ If secrets managers are available, you can instead [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret). 6. If you do use a private key, then in the **SSH Private Key** field, provide the private key.\ \ If secrets managers are available, you can instead [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret).\ \ If the private key uses a passphrase, then in the **SSH Passphrase** field, provide the passphrase for the private key. ## Connecting to the destination database Note that you must create the destination database with the full schema before you run data generation. ### **Copying the connection and authentication details from the source database** If the destination database is in the same location as the source database, then you can copy the connection and authentication details from the source database. To copy the connection and authentication details from the source database: 1. Click **Copy Settings from Source**. 2. For **Password**, you can either specify the password manually or, if secrets managers are available, you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret). 3. To test the connection to the destination database, click **Test Destination Connection**. ### **Providing the connection details** To provide the connection details for the destination database: 1. In the **Server** field, provide the server where the database is located. 2. In the **Database** field, provide the name of the database. 3. In the **Port** field, provide the port to use to connect to the database. 4. In the **Username** field, provide the username for the account to use to connect to the database. 5. For **Password**, you can either specify the password manually or, if secrets managers are available, you can [select a secret name from a secrets manager](https://docs.tonic.ai/app/workspace/managing-workspaces/workspace-configuration-settings/secrets-manager/selecting-a-secrets-manager-secret). 6. To test the connection to the destination database, click **Test Destination Connection**. ### Ensuring encryption of destination database authentication The **Enable SSL/TLS** setting indicates whether to encrypt destination database authentication. By default, the toggle is in the on position. We strongly recommend that you do not turn off this setting. ### Trusting the server certificate To indicate that Structural should trust the server certificate, toggle **Trust Server Certificate** to the on position. ### Connecting through an SSH bastion For additional security, to connect through an SSH bastion : 1. Toggle **Enable SSH Tunnel** to the on position. 2. In the **SSH Host** field, provide the host for the SSH bastion. 3. In the **SSH Port** field, provide the port for the SSH bastion. 4. In the **SSH User** field, provide the name of the user to use to connect to the SSH bastion. 5. If you do not use a private key, then in the **SSH Passphrase** field, provide the passphrase to use for authentication. 6. If you do use a private key, then in the **SSH Private Key** field, provide the private key.\ \ If the private key uses a passphrase, then in the **SSH Passphrase** field, provide the passphrase for the private key.