Creating an SSH Tunneled connection with encrypted key

ratheous posted 5 years ago in Creating a connection
I'm unable to establish a tunneled connection to a server which I've configured to only allow ssh connections with public key/RSA authentication, using an encrypted private key. I am able to log in using putty and my private key (imported through puttygen). I've also successfully established tunneled connections with other servers which did allow password authentication using HeidiSQL.

Furthermore, I can establish a tunneled connection to the mysql server I'm having trouble with if I configure the tunnel in putty and log in with that prior to connecting with HeidiSQL, rather than using the HeidiSQL SSH Tunnel settings.

I've tried leaving the password field blank, which does not cause HeidiSQL to ask me for my passphrase; I've tried entering my passphrase in the password field; I even tried entering the account password just for the heck of it, even though password auth is disabled. Every attempt ends with the error "SQL Error (2003): Can't connect to MySQL server on 'localhost' (10061)".

Just to verify that plink wasn't the culprit, I ran the following:

plink.exe [USER]@{IP} -P [SERVER SSH PORT] -i "[LOCAL PATH TO PRIVATE KEY .ppk]" -L 3306:localhost:3306

plink responds:

Using username "[USER]".
Passphrase for key "imported-openssh-key":

After which I enter my passphrase and receive a command prompt, so plink is working correctly as far as I can tell.

Is this supposed to work?

The server is OpenSUSE 12.1 if it matters.

I don't claim to be an expert on any of this, so let me know if I don't use the correct terms or you need more information.

jfalch posted 5 years ago
AFAIK using n encrypted private key (ie passing a passphrase to plink) seems not currently to be supported by heidisql. I suggest that you use pageant (a putty auxiliary program) to load the private key before starting heidisql; pageant will ask you for the key┬┤s passphrase when loading, will then remain resident, and will later automagically pass the key to plink without requiring the passphrase again.

Please login to leave a reply, or register at first.