Fixed Bug: Connecting through SSH Tunnel Using Plink
Simply run this command in your windows preferred terminal (cmd.exe, cygwin, etc) and agree to accept the host and store the cache:
C:\Program Files (x86)\PuTTY\plink.exe -ssh [SSH USERNAME]@[SSH HOST] -P [SSH PORT]
Then close out and try to connect in HeidiSQL again.
* Please note that the location of plink may differ.
To the HeidiSQL developers, if this is not already in an upcoming fix, is there a way to catch the response from Plink asking to agree and either automatically agree or prompt the user to agree. Plink's response looks something like this:
"The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's rsa2 key fingerprint is:
[SSH KEY FINGERPRINT]
If you trust this host, enter "y" to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, enter "n".
If you do not trust this host, press Return to abandon the
Store key in cache? (y/n) y"
It mainly says you can run an echo command piping the plink command:
echo y | plink.exe ...
I don't have a SSH enabled server right now, so would you be so nice and test if that works?
Try to automatically pipe a "y" to plink.exe, to auto accept unknown host keys. See http://www.heidisql.com/forum.php?t=15224
How did I test:
from Windows XP SP3 with HeidiSQL 4736 (just downloaded the compiled.exe)
to MySQL 5.6-something on CentOS 6.5 (VM inside of VirtualBox)
- first I checked that I can normally tunnel to an already cached address with sshd accepting only keyfile logins, iptables up blocking all ports but 22, a database user allowed only @'localhost' - worked fine;
-then I changed the IP address to the virtual machine and restarted networking to force a new caching request;
- tried to connect just as before, but for the new target IP address - HeidiSQL hanged there for a while and then put out a message about some 'initial packet' (sorry, forgot to take note of the exact phrasing);
-connected once to the target with plink on the command line, successfully;
-tried again with HeidiSQL with the same parameters as before: this time it went through without a hitch.
SQL Error (2013) in statement #0: Lost connection to MySQL server at 'waiting for initial commmunication packet', system error: 0
Just as the last time around after an initial command line plink connection it worked fine instead.
The message is (user, host and port are real and working ones, just hid for now):
PLink exited unexpected. Command line was: /C echo y | "C:\Program Files\putty\PLINK.EXE" -ssh [user]@[host] -P [port] -i "W:\.ssh\secret.ppk" -N -L 3322:127.0.0.1:3306
Before that the plink tunnel was perfectly fine (except the manual fingerprint confirmation issue). Is there a way to disable this new behavior (/C echo y)? (By the way a setting for this can be fine for those who want manually check and confirm new SSH fingerprints.)
It seems like HeidiSQL cannot fetch the cmd.exe path although echoing %COMSPEC% returns the right "C:\windows\system32\cmd.exe" path.
I think there is a problem using plink. In de last version, if I open a connection to another server, I get a list of DB's of the previous server/connection. In the task manager i have to kill the plink process. After that, if I login via ssh to the server I get the right list of DB's. All plink processes remains open after closing heidisql.
Rewrite plink.exe process handling: Create our own class TPlink, which needs to be called with a .Connect method and raises an exception when some error occurs. Fixes issue #2902. See also: http://www.heidisql.com/forum.php?t=15224
It works great using TCP/IP, but if I try SSH Tunneling (which worked before the upgrade) through PuTTY (naming mySQL server),.. after a 3 second pause I get, "SQL Error (2003) in statement #0: Can't connect to MySQL server on 'localhost' (10061)"
If I just name my server (i.e. drop the mysql.blah_blah.com), then I get, "SQL Error (2013) in statement #0: Lost connection to MySQL server at 'reading initial communication packet', system error: 2"
PuTTY or plink??
Sorry,... i had tried it both ways, tunneling through puTTY with TCP/IP using localhost (but I was concerned that that may not be as secure), as well as using plink via C:\Program Files\PuTTY\plink.exe (which is why i erroneously just called "PuTTY").
Anyhow I found my error (after a few hours sleep),... I was configuring the Settings tab to connect to mysql.blahblah.com, then forgot to change the SSH tunnel tab to to connect to my actual host site (blahblah.com).
It's always something foolishly simple!
Thanks for both of your quick responses. I am sorru to have wasted your time.
Impossible d'exécuter PLink: plink.exe -ssh email@example.com -P 9388 -i "C:\Users\Akro\.ssh\id_rsa_wp.ppk" -N -L 3307:220.127.116.11:3306
And after it show a MessageBox with:
Connection.Active = false
If i use the command in the shell it seem to work.
Please login to leave a reply, or register at first.