New feature: SSH tunnel
| User, date | Message |
|---|---|
|
Written by ansgar
3 years ago Category: News 3949 posts since Fri, 07 Apr 06 |
r3229 implements SSH tunneling via plink.exe on the session manager: Thanks to all which voted for this issue. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Great! But some destination servers allow to open ssh-connection on non standart port only (default is 22). I solve this by adding -P port_num as plink.exe startup option. But this setting is global for all heidi connections through ssh-tunnel! Please, add ssh-port field to SSH tunnel tab to allow to edit per-connection ssh-port number. |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
Is it possible to implement authorization by key? It would be great. Authorization via password is sometimes disabled on server. |
|
Written by mastrino
3 years ago 2 posts since Fri, 12 Feb 10 |
This is a wonderful feature. Thank you! I always connect through tunnel ssh opening putty first and then heidisql. Now I don't have even to run putty first. It is wonderful. I agree with justpusher, would be nice to be able to connect using the keys but also like this is great. |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Thinking that using keys would make the code more complex than it is - I'd say this should be set up manually using putty, for now. |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Same goes for other options like the custom SSH port - which sounds slightly uncommon to me. |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
As far as I know, plink can be forced for using a key with a command-line option: plink -i path/to/key I tried to specify key in option "path to plink" in that way. Plink is opened in separate window which closes quickly (I can't notice if he authorizes successfully). HeidiSQL then reports "Cannot connect to server". As for me, I don't see a big problem in running tunnels separately (with ssh or plink). But also I can't feel a big profit of tunneling feature while it does not support keys  Maybe I can help developing this feature? I'm quite familiar with Delphi and ssh tools. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
OK, but I need to use different plink.exe options to making tunnel. For example, to connect to the first DB I must connect with 1322 port at the server. I've added "-P 1322" for plink.exe. Second DB at the server with 22 ssh-port, so I deleted "-P 1322" option. To connect to the first server I need to add option again, then deleting it and to add again ... :( How can I configure plink.exe per several connection? |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
2 wtask: you can use putty sessions as parameters to plink. It may be a little easier than to change port every time. If you saved a connection settings in putty as a session "server1", you can use it in plink: plink.exe -load server1 But I agree, it is not very handy. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Putty doesn't allow to save passwords anyway or I don't know how to do this. What is the difference between your suggestion and my temporary solution? |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
Maybe I just didn't understand you. Editing putty session is a bit easier than editing a port. There's no big difference. By the way, we can write a small tool to use instead of plink. It will read port, password and key file path from some config file and launch plink. I'll think about it tomorrow 
|
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Oh, no, please don't start create hacking toolNow it lacks only one thing. How to make Heidi to save plink's options per connection, like this: Connection | Path to plink Database1 | C:/putty/plink.exe -P 1322 Database2 | C:/putty/plink.exe another_plink_option Database3 | C:/putty/plink.exe |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Please see comments in issue #401. |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Yes, no wrapper for plink required - would be very ugly. I'll just commit my changes, which will allow you to * set a different SSH host/ip and port * set a private key file |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
@wtask: Btw, plink options are saved per connection. Only the plink.exe location is a global setting, all others are stored together with your session settings. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Thank you! I see. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Something wrong with ssh in build 3235. Looks like plink.exe use cache and try to open always the first ssh connection from list... I couldn't connect to my second host. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
... or errors in Heidi settings after applying update to latest build. On other PC everything is ok. |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Please update again, I just fixed some minor last stuff. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Thank you, at present everything is ok |
|
Written by jfalch
3 years ago 222 posts since Sat, 17 Oct 09 |
In session managerĀ“s SSH tunnel tab, please consider adding an additional checkbox "compressed" (generates -C switch with plink). |
|
Written by mastrino
3 years ago 2 posts since Fri, 12 Feb 10 |
This is great! Thanks |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
Feature works perfectly! Thanks. |
|
Written by md2perpe
3 years ago 3 posts since Thu, 15 Apr 10 |
Before I've used tunnelling through Putty, so this feature makes the daily life somewhat easier. However, I get a loud beep in my PC speaker when connecting to a server. I don't understand if it's from HeidiSQL or from plink. Does anyone know how to get rid of that beep? |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
I would have bet that is caused by a plink connection error, but when you're successfully connecting that cannot be the case. Probably some unimportant "notice" from plink.exe. Not sure. Just try to execute the plink.exe command line manually you see in your SQL log - should also beep. |
|
Written by md2perpe
3 years ago 3 posts since Thu, 15 Apr 10 |
I cannot see any failure nor a plink command in the log: /* Connecting to db.ztormint.net via SSH tunnel, username root, using password: No ... */ |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Ah yes.. that log row was removed for security reasons. |
|
Written by microUgly
3 years ago 20 posts since Fri, 16 Apr 10 |
Should this feature still work in the latest builds? Since upgrading to to 5.1 it stopped working. I'm currently using version 5.1.0.3274. The error is a typical "SQL Error (2003): Can't connectf to MySQL server on 'localhost' (10061)". I enabled logging but this event doesn't generate a log entry. I did not that prior 5.1, the first time I would try to connect, the connection would fail, but then it would work the second time. |
|
Written by microUgly
3 years ago 20 posts since Fri, 16 Apr 10 |
I just seen in the change log that one of the bugfixes is that plink would exit after a failed connection. Is there a chance that Heidisql is not allowing enough time for plink to initiate a connection before it decides it can't connect to MySQL? This might explain why it previously work for me on the second attempt--because plink was still open and had been allowed enough time for the connection to be made. Most of my servers are overseas and can take a small amount of time for a connection to be made. |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
As I understood, I should specify the port of real remote mysql server (3306) in `port` field on 1st tab, and local temporary port (ex., 7000) in "Local port" field on 2nd tab. But if I do so, it does not work (error:could not connect). Instead, it works if I swap those settings. So I specify 3306 in local port and 7000 in main port. And it works! Maybe I'm doing something wrong? If everything is correct, I think you should swap those two settings or write a little help what every of them means. Nevertheless, I want to say a BIG thanks to developers for this feature. It's really GREAT! |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
Addition to previous comment. I tried connecting to same server on my colleague's computer. Situation is opposite to mine. On that computer I need to specify 3306 as main port, and 7000 as local port, so the settings are swapped comparing to my settings. Seems to be a very interesting bug. |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
@microUgly Try to swap vales in local port (2st tab) and port (1st tab). This helped in my case. |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
After update to latest night build and re-creating all sessions my bug disappeared. So the question is closed, sorry.
|
|
Written by microUgly
3 years ago 20 posts since Fri, 16 Apr 10 |
This still isn't working for me. I'm confident this will be a timeout issue. I'm getting an error that it can't connect before negotiation could possibly be complete. I can also manually create a plink connection without a problem. |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
So, plink.exe has no connection yet when MySQL connection is tried to open? Could be the case, there is a one second waiter after opening plink.exe: WaitForSingleObject(FPlinkProcInfo.hProcess, 1000); There should be some loop which detects if plink is still running. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
I understood, why I can't connect to MySQL with SSH tunnel. On my first laptop wich works under Windows 7 x32 I've used official putty from http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html. But on another PC I have Windows x64. And it is strange, but x32 plink.exe in this case does not connect to the server and waits for interactive password. So when I've installed x64 version of putty's utils from https://splunk.net:444/page/putty_64bit, Heidy successfully creates ssh-tunnel to MySQL server. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
Only first time, plink x64 ask for confirmation for key saving. Heidi doesn't detect this. |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
SSH tunnels still don't work well for me. I tried to establish tunnel to localhost - it's working properly (yes, I do have sshd server). But for any other server I get `SQL Error (2003): Can't connect to MySQL server on 'localhost' (10061)` error. I agree with microUgly, it seems that Heidi does not wait enough time while plink establishes a tunnel. For my servers, it takes about 2 seconds to connect via ssh. Again, if I establish connection myself with plink via command line, everything works perfectly. If constant waiting more than 1 second is unwanted, I suggest waiting till getting `Using username "pusher"` text from plink. As a noticed, after this text appears, the tunnel is already established. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
There is not only the "not waiting" problem. Plink.exe may try to interact with user when it is started by Heidi. In my case plink.exe x86 runing on Windows x64 ignores password passing as parameter and ask to enter it again. So Heidi couldn't properly open connection. Also, when plink is creating a new connection for the first time it will ask confirmation about certificate and will hang Heidi again... |
|
Written by justpusher
3 years ago 13 posts since Wed, 31 Mar 10 |
@wtask. Your problems really take place, but you can solve them easily. For a problem with confirmation about certificate: it's enough to run plink once manually from command line and accept the certificate. For a problem with specifying password: you can (and you should) use authorization via private/public key instead of password authorization. Even more, if you specify a private key file in default putty settings, then you do not need to enter neither password nor public key path! It's very handy. |
|
Written by wtask
3 years ago 29 posts since Mon, 22 Feb 10 |
@justpusher Yes, just one time. But until before need to invent this. I replied, plink.exe x86 under Windows 7 x32 doesn't request a password again, when it specified. But it is occured when i tried use plink.exe x86 in Windows7 x64. And I know all about putty's limits of using passwords. But we are discussing Heidi ssh-tunnel via plink.exe. |
|
Written by microUgly
3 years ago 20 posts since Fri, 16 Apr 10 |
"There should be some loop which detects if plink is still running." Does this make it an acknowledge issue we can expect to see a fix for sometime in the future? |
|
Written by ansgar
3 years ago 3949 posts since Fri, 07 Apr 06 |
Hehe, not necessarily, as issues are normally managed at Google Code. Forum posts are nicer for dicussions but can easily be forgotten. So, good to have users asking from time to time the right questions :) |
|
Written by microUgly
3 years ago 20 posts since Fri, 16 Apr 10 |
Thanks for pointing that out. Issue logged - http://code.google.com/p/heidisql/issues/detail?id=1914 |
|
Please login to leave a reply, or register at first. |