Fixed Bug: Connecting through SSH Tunnel Using Plink

[expired user #7915]'s profile image [expired user #7915] posted 10 years ago in Creating a connection Permalink
I believe I found a potential bug fix, perhaps this is already known. I have always never been able to use the SSH tunnel because I was getting localhost connection errors. After further diagnostic, I discovered its because I never used Plink to connect to this host in the past.

Simply run this command in your windows preferred terminal (cmd.exe, cygwin, etc) and agree to accept the host and store the cache:

C:\Program Files (x86)\PuTTY\plink.exe -ssh [SSH USERNAME]@[SSH HOST] -P [SSH PORT]

Then close out and try to connect in HeidiSQL again.

* Please note that the location of plink may differ.

To the HeidiSQL developers, if this is not already in an upcoming fix, is there a way to catch the response from Plink asking to agree and either automatically agree or prompt the user to agree. Plink's response looks something like this:

"The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
[SSH KEY FINGERPRINT]
If you trust this host, enter "y" to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, enter "n".
If you do not trust this host, press Return to abandon the
connection.
Store key in cache? (y/n) y"
ansgar's profile image ansgar posted 10 years ago Permalink
Yes, there are several users complaing about this issue. I never thought there is an automated solution but today I found this: http://deangrant.wordpress.com/2012/05/16/accept-server-host-key-when-automating-ssh-session-using-putty-plink/

It mainly says you can run an echo command piping the plink command:
echo y | plink.exe ...

I don't have a SSH enabled server right now, so would you be so nice and test if that works?
ansgar's profile image ansgar posted 10 years ago Permalink
No, "echo y | plink.exe ..." does not work, as we have a CreateProcess call which wants one application name and one string of parameters, not just a dos command. I am stuck.
Code modification/commit from ansgar.becker, 10 years ago, revision 8.3.0.4736
Try to automatically pipe a "y" to plink.exe, to auto accept unknown host keys. See http://www.heidisql.com/forum.php?t=15224
ansgar's profile image ansgar posted 10 years ago Permalink
Please try out r4736. I am using hardcoded "C:\Windows\System32\cmd.exe" as the application name for CreateProcess, and "echo y | plink.exe ..." as command line. I cannot test that really, but the same approach works with a simple "cmd.exe echo j del /P test.txt" command. So I'm hoping that also works with plink.
[expired user #2814]'s profile image [expired user #2814] posted 10 years ago Permalink
Sorry to be bringing bad news, but it doesn't seem to work for me... :-(

How did I test:
from Windows XP SP3 with HeidiSQL 4736 (just downloaded the compiled.exe)
to MySQL 5.6-something on CentOS 6.5 (VM inside of VirtualBox)
- first I checked that I can normally tunnel to an already cached address with sshd accepting only keyfile logins, iptables up blocking all ports but 22, a database user allowed only @'localhost' - worked fine;
-then I changed the IP address to the virtual machine and restarted networking to force a new caching request;
- tried to connect just as before, but for the new target IP address - HeidiSQL hanged there for a while and then put out a message about some 'initial packet' (sorry, forgot to take note of the exact phrasing);
-connected once to the target with plink on the command line, successfully;
-tried again with HeidiSQL with the same parameters as before: this time it went through without a hitch.

Duh.
ansgar's profile image ansgar posted 10 years ago Permalink
I tried now using a virtual XP machine and freeSSHD on it. I can connect directly, without having to run plink.exe manually once. Can you please try again and post the error you got?
[expired user #2814]'s profile image [expired user #2814] posted 10 years ago Permalink
Sure! I tried again with a brand new address and got:

SQL Error (2013) in statement #0: Lost connection to MySQL server at 'waiting for initial commmunication packet', system error: 0


Just as the last time around after an initial command line plink connection it worked fine instead.
[expired user #2814]'s profile image [expired user #2814] posted 10 years ago Permalink
More bad news: I've tried once more, this time with r4738, and it stopped working even after an initial commandline connection.
ansgar's profile image ansgar posted 10 years ago Permalink
Shit. It's working here on a SSH enabled virtual XP machine. But I guess I will need to grab output and send input to the plink process for getting it to work properly. If that only wasn't so complicated.
[expired user #4694]'s profile image [expired user #4694] posted 10 years ago Permalink
Hi! After r4736 the plink tunneling stopped working here on wine :(

The message is (user, host and port are real and working ones, just hid for now):

PLink exited unexpected. Command line was:
/C echo y | "C:\Program Files\putty\PLINK.EXE" -ssh [user]@[host] -P [port] -i "W:\.ssh\secret.ppk" -N -L 3322:127.0.0.1:3306


Before that the plink tunnel was perfectly fine (except the manual fingerprint confirmation issue). Is there a way to disable this new behavior (/C echo y)? (By the way a setting for this can be fine for those who want manually check and confirm new SSH fingerprints.)

It seems like HeidiSQL cannot fetch the cmd.exe path although echoing %COMSPEC% returns the right "C:\windows\system32\cmd.exe" path.
ansgar's profile image ansgar posted 10 years ago Permalink
Please let me implement that nicer, I am on the way to do that. Just go back to the previous revisions for now if the current logic does not work for you.
[expired user #4694]'s profile image [expired user #4694] posted 10 years ago Permalink
No offensesmileI'm used to using bleeding edge dev code, just trying to help.
I was experimenting with it a bit but cannot get it to work :/ I don't know how this should work on a "real" winxp, but wine seems to handle this a bit strange.
[expired user #7933]'s profile image [expired user #7933] posted 10 years ago Permalink
Hi,
I think there is a problem using plink. In de last version, if I open a connection to another server, I get a list of DB's of the previous server/connection. In the task manager i have to kill the plink process. After that, if I login via ssh to the server I get the right list of DB's. All plink processes remains open after closing heidisql.
Code modification/commit from ansgar.becker, 10 years ago, revision 8.3.0.4746
Rewrite plink.exe process handling: Create our own class TPlink, which needs to be called with a .Connect method and raises an exception when some error occurs. Fixes issue #2902. See also: http://www.heidisql.com/forum.php?t=15224
ansgar's profile image ansgar posted 10 years ago Permalink
Should all be fixed in r4746
[expired user #4694]'s profile image [expired user #4694] posted 10 years ago Permalink
Confirmed!
CongratssmileWorks like a charm!
[expired user #7235]'s profile image [expired user #7235] posted 10 years ago Permalink
Not working for me! I am running r4749 on a local Win XP SP3, attempting to connect to a linux based mySQL server @ Dreamhost. Been working fine until I upgraded.

It works great using TCP/IP, but if I try SSH Tunneling (which worked before the upgrade) through PuTTY (naming mySQL server),.. after a 3 second pause I get, "SQL Error (2003) in statement #0: Can't connect to MySQL server on 'localhost' (10061)"

If I just name my server (i.e. drop the mysql.blah_blah.com), then I get, "SQL Error (2013) in statement #0: Lost connection to MySQL server at 'reading initial communication packet', system error: 2"

[expired user #4694]'s profile image [expired user #4694] posted 10 years ago Permalink
If you are using the internal SSH tunnel, You don't need an extra putty, they do the same thing (moreover as plink is part of the putty stack chances are that exactly the same happens...). You'll have to choose: HeidiSQL w/ SSH tunnel and setup every tunnel preferences on the SSH tab OR use HeidiSQL w/ TCP/IP and setup the tunnel with the external PuTTY.
ansgar's profile image ansgar posted 10 years ago Permalink
PuTTY or plink??
[expired user #7235]'s profile image [expired user #7235] posted 10 years ago Permalink

PuTTY or plink??



Sorry,... i had tried it both ways, tunneling through puTTY with TCP/IP using localhost (but I was concerned that that may not be as secure), as well as using plink via C:\Program Files\PuTTY\plink.exe (which is why i erroneously just called "PuTTY").

Anyhow I found my error (after a few hours sleep),... I was configuring the Settings tab to connect to mysql.blahblah.com, then forgot to change the SSH tunnel tab to to connect to my actual host site (blahblah.com).

It's always something foolishly simple!

Thanks for both of your quick responses. I am sorru to have wasted your time.
[expired user #4694]'s profile image [expired user #4694] posted 10 years ago Permalink
You're welcomesmileGood to hear you've solved itsmileIt really can be suck to make tunnels work...
[expired user #7692]'s profile image [expired user #7692] posted 10 years ago Permalink
Tried revision 4751 and ssh tunnel doesnt work anymore (its work on stable revision). It show the error message:
Impossible d'exécuter PLink: plink.exe -ssh root@42.187.144.57 -P 9388 -i "C:\Users\Akro\.ssh\id_rsa_wp.ppk" -N -L 3307:42.187.144.57:3306

And after it show a MessageBox with:
Connection.Active = false

If i use the command in the shell it seem to work.
[expired user #10273]'s profile image [expired user #10273] posted 7 years ago Permalink

I got same bug again in version 9.4.0.5125. previous version was working well.

Please login to leave a reply, or register at first.