Ads were blocked - no problem. But keep in mind that developing HeidiSQL, user support and hosting takes time and money. You may want to send a donation instead.

plink - add user configurable options into session manager

chivi's profile image chivi posted 4 months ago in Feature discussion Permalink

Hello Team, Before raising a feature request let me firstly check with you, if this request was discussed before.

Idea is the next:

  • currently HeidiSQL doesn't have a way to provide plink options via SSH tunnel configuration in session manager. I mean these options:
NAME
       plink - PuTTY link, command line network connection tool

SYNOPSIS
       plink >> **[options]** << [user@]host [command]
  • as such we are left only with basic plink configuration exposed via UI like username, password, timeout etc

Problem statement:

  • in the company I work I have to use MFA (multi-factor authentication) to connect to the jumphost (using SSH). Only from this jumphost RDS is reachable. It means, that password, pubkey, GSSAPI is a 1st step authentication, whilst MFA challenge is always a 2nd step. Even though it is a smart way of handling security enforcement it is devilish uncomfortable to go through MFA challenge each time I have to reconnect to SSH jumphost;
  • as a solution/workaround for this "problem" I use SSH Master Socket; in plink it is denoted as shared connection:
-noshare
              Don't test and try to share an existing connection, always make a new connection.

       -share Test and try to share an existing connection.

That's what I would like to see in HeidiSQL session manager, but not as an extra UI checkbox for example, but as a user-configurable string of plink passed =+options. I found useful to have "-share" option, someone might found it useful to have "-proxycmd" etc, so generic approach should be used instead.

Alternatively - but I think, it is a very broad subject for discussion - OpenSSH might be used, or I would say, should be used instead of plink.exe. It would be a great and priceless advantage for those using Cygwin.

Long story short:

  • plink should be smart enough to retrieve the list of named pipes, and if existing shared connection exists, it should be used for new SSH session; even if this shared connection was opened NOT by plink.exe:
2022-01-23 20:37:01 Sharing this connection at \\.\pipe\putty-connshare.user1.29b96f4a6a0cc18138109c037cbbe3f51a6bd299a9de77fb200284002978ef4e

Thank you.

Please login to leave a reply, or register at first.




Ads were blocked - no problem. But keep in mind that developing HeidiSQL, user support and hosting takes time and money. You may want to send a donation instead.