distal-attribute
distal-attribute
distal-attribute
distal-attribute

Creating an SSH Tunneled connection with encrypted key

User, date Message
Written by ratheous
2 years ago
Category: Creating a connection
1 posts since Sat, 24 Mar 12
I'm unable to establish a tunneled connection to a server which I've configured to only allow ssh connections with public key/RSA authentication, using an encrypted private key. I am able to log in using putty and my private key (imported through puttygen). I've also successfully established tunneled connections with other servers which did allow password authentication using HeidiSQL.

Furthermore, I can establish a tunneled connection to the mysql server I'm having trouble with if I configure the tunnel in putty and log in with that prior to connecting with HeidiSQL, rather than using the HeidiSQL SSH Tunnel settings.

I've tried leaving the password field blank, which does not cause HeidiSQL to ask me for my passphrase; I've tried entering my passphrase in the password field; I even tried entering the account password just for the heck of it, even though password auth is disabled. Every attempt ends with the error "SQL Error (2003): Can't connect to MySQL server on 'localhost' (10061)".

Just to verify that plink wasn't the culprit, I ran the following:

plink.exe [USER]@{IP} -P [SERVER SSH PORT] -i "[LOCAL PATH TO PRIVATE KEY .ppk]" -L 3306:localhost:3306

plink responds:

Using username "[USER]".
Passphrase for key "imported-openssh-key":

After which I enter my passphrase and receive a command prompt, so plink is working correctly as far as I can tell.

Is this supposed to work?

The server is OpenSUSE 12.1 if it matters.

I don't claim to be an expert on any of this, so let me know if I don't use the correct terms or you need more information.

Thanks
Written by jfalchMoney, Euro
2 years ago
350 posts since Sat, 17 Oct 09
AFAIK using n encrypted private key (ie passing a passphrase to plink) seems not currently to be supported by heidisql. I suggest that you use pageant (a putty auxiliary program) to load the private key before starting heidisql; pageant will ask you for the key´s passphrase when loading, will then remain resident, and will later automagically pass the key to plink without requiring the passphrase again.
 

Please login to leave a reply, or register at first.