It is considered best practice to not have your database servers accessible via any public channels. This means that it is generally best practice to build an SSH tunnel to a server that sits between yourself and the database as an extra layer of protection. Most database clients that connect to databases have the capability to define an SSH tunnel (with private key authentication). Attached is are a couple of screenshot of one such client (upcoming client DBE from JetBrains).
In order to have our Business Intelligence (BI) folks connect to our database servers we had to build out a batch script that builds a tunnel to our jump servers using putty. This also requires them to run this script any time they want to connect through Tableau Desktop. We also have to run these scripts on the Tableau Server machine so that the data sources they publish (which point to 127.0.0.1) will work correctly.
This is not an ideal solution and is hacky at best.
I'd like to request a native SSH tunnel functionality that allows both private key authentication and SSL certificates in both Tableau Desktop and that all of that data can be transported to Tableau Server when data sources are published.
This is a pretty standard feature in 2015 and I believe is sorely lacking in the implementation of what is otherwise a phenomenal product. This feature will eliminate an unneeded manual step by our BI folks to open and maintain an open SSH tunnel.