Ads were blocked by your webbrowser.

This is not a problem, but keep in mind that developing HeidiSQL, user support and hosting takes time and money.

You may want to send a donation instead.

Connecting via SSH Tunnel

thany's profile image thany posted 2 years ago in General

I have to connect via an SSH tunnel to my server. I believe this is very common practice. Yet, HeidiSQL doesn't appear to support this. Can this please be added?

I saw in the "connecting" help section (lolwut, I'm not allowed to post a direct link) a tab SSH Tunnel in the session manager. I don't have that tab, but I do have the latest version (9.4.0.5125) of the program. So I'm guessing the help might be a little bit ahead of its time perhaps?

One thing I've tried is to just enter my private key file in "SSL private key" on the Advanced tab, but when I do that, all I get is Can't connect to MySQL server on [my server ip], but no actual usable error message.

jpyy's profile image jpyy posted 2 years ago

The help page is missing the important detail of selecting network type "MySQL (SSH tunnel)" on the Settings tab, which then gives you the needed SSH tunnel tab.

soneritics's profile image soneritics posted 2 years ago

Heidi certainly supports connecting through an SSH tunnel.

In the Settings tab choose MySQL (SSH tunnel) In that same tab, the settings for the MySQL client go. Your IP address will therefor probably be 127.0.0.1. The username and password will be known by you.

You also have a new tab, SSH Tunnel. Add your connection information here. SSH port is 22. Your username is the one you connect to your server using SSH. Use the private key file field to point to your private key file.

I am using the private key file that I use for Pageant, the .ppk file.



Ads were blocked by your webbrowser.

This is not a problem, but keep in mind that developing HeidiSQL, user support and hosting takes time and money.

You may want to send a donation instead.
michou's profile image michou posted 2 years ago

Is there any chance the SSH tunnel support could be improved to also allow connections that require 2FA/MFA? My current setup involves connecting via a bastion on which authentication is done via a private key *and* an OTP code generated via Google Authenticator.

In the latest version (9.4.0.5174), I can set up the tunnel, but when plink gets prompted for they keyboard-interactive OTP code, HeidiSQL only shows a message box with now way to enter the actual code (see attachment).

My current workaround consists in manually creating the SSH tunnel with plink and then connecting HeidiSQL via the mapped local port – but it's ugly ????

1 attachment(s):
  • Screenshot-2017-08-01-19.41.47
gtsiou's profile image gtsiou posted 1 year ago

I know this thread is old-ish but if someone is still looking for an answer on this, using the passphrase in the password field of the ssh tab, will work fine. It is unintuitive since password != passphrase but it is what it is. No ugly port-tunneling through putty needed;)

michou's profile image michou posted 1 year ago

Yes, but sometimes, there would be *two* interactive prompts, as the server asks for a second passphrase before the 2FA step. So, really, what is needed here is true support for interactive SSH prompts.

Not many tools support this (I couldn't find any that does on Windows), but there's at least SequelPro (albeit on macOS) that does it, so it can be done :)

Thanks for a great tool, m

ryan's profile image ryan posted 3 months ago

Many years later, still no good solution? Is the popularity of mfa too slow? Even the best database GUI tool in the universe (workbench, heidisql) doesn't support MFA, I can't buy a MAC for that, can I?

michou's profile image michou posted 3 months ago

@ryan, the workaround is to manually create the tunnel via plink / ssh and then use the local connection in HeidiSQL pointed at the local end of your tunnel.

ryan's profile image ryan posted 3 months ago

@michou I'm new at plink, can you tell me how to create tunnel via plink? very thank you !

michou's profile image michou posted 3 months ago

This blog post describes in detail how to do that: https://www.skyverge.com/blog/how-to-set-up-an-ssh-tunnel-with-putty/



Ads were blocked by your webbrowser.

This is not a problem, but keep in mind that developing HeidiSQL, user support and hosting takes time and money.

You may want to send a donation instead.
ryan's profile image ryan posted 3 months ago

@michou Thank you! you are so nice.

ansgar's profile image ansgar posted 3 months ago

If someone would describe these interactive prompts in detail, in a regular issue on Github, I am open to extend HeidiSQL's current logic for Plink.

Escondido's profile image Escondido posted 1 month ago

I spent a ridiculous amount of time trying to figure this out before I succeeded. Now it works perfectly. I hope it helps. Steps are as follows.

-Log into remote database and access mysql database

mysql -u root -p

-Add a remote user

create user 'remoteusernamehere'@'%' identified by 'insertpasswordhere'; (% means user can access from ANY IP address, replace with your static IP address if you want)

-Grant all privileges for new user

grant all on . to 'username'@'%';

-Exit out of mysql and server

-Open HeidiSQL and create NEW Session

select MariaDB or MySQL (SSH tunnel)

hostname/ip= 127.0.0.1

user= remoteusernamehere

password= insertpasswordhere

Port= 3306

-Select SSH Tunnel Tab (make sure you have already downloaded plink)

plink.exe location= self explanatory

SSH host + port= your remote server ip address and port (usually 22)

username= remote server username

password= remote server password

plink.exe timeout= 4

private key file = I left it blank

local port: 22

-Save and click Open

Please login to leave a reply, or register at first.