Unsupported Screen Size: The viewport size is too small for the theme to render properly.

Pageant Key Conflict With Ssh Tunnel

forums forums SQLyog SQLyog Comments Pageant Key Conflict With Ssh Tunnel

  • This topic is empty.
Viewing 10 reply threads
  • Author
    Posts
    • #11569
      tomp_gl
      Member

      Hi,

      I just started using SQLyog enterprise, and it is conflicting with Pageant, my SSH key caching application which holds my different SSH keys and their passphrases and automatically supplies them to WinSCP and Putty when they connect. When I use SSH tunnelling with key or password authentication in SQLyog I get the “Too many authentication failures…” message because presumably pageant is serving up mismatched keys from its cache to the remote ssh daemon before SQLyog supplies the key I specified in the connection settings.

      There are 2 work arounds I know of – I can close Pageant and loose my key cache (very annoying), or I can increase the number of retry attempts in the sshd config file to the number of keys I have (which will keep growing over time).

      Is there any other alternatives to this?

      Thanks

    • #29256
      Supratik
      Member

      Hi,

      Can you please confirm once again whether the SSH key of the host you wanted to connect is added in Pageant.

      The error “Too many authentication failures…” is reproducible when we set the value of MaxAuthTries in sshd_config to a lower value(1 or 2) and the SSH key used to connect to host is not present in the Pageant list.

      One alternative to this problem can be, add the SSH key which you have specified in SQLyog connection settings to Pageant list.

      Please let me know if you have any questions.

      Regards

      Supratik

    • #29257
      tomp_gl
      Member

      When the problem occurred, I had 5 keys in Pageant, including the key SQLyog uses. MaxAuthTries is set to 3.

      I tried again just now but I could not reproduce the problem.

      Thanks

    • #29258
      tomp_gl
      Member

      Well the problem is occurring again now. I have 6 keys in Pageant, including the key SQLyog uses. MaxAuthTries is set to 3.

      Thanks

    • #29259
      Supratik
      Member

      If you are using Pageant and if you have a large number of keys loaded into it, SSH server will

      count each offering of the key as an authentication attempt. I think increasing the “MaxAuthTries”

      value is a good solution to this problem.

      Regards

      Supratik

    • #29260
      tomp_gl
      Member

      What if I have 50 keys in Pageant? I don't want to increase MaxAuthTries to 50…

      http://winscp.net/eng/docs/message_too_man…cation_failures

      Thanks

    • #29261
      tomp_gl
      Member

      Can you look at integrating pageant support into the next SQLyog version? It is quite an essential tool for unix administrators…

    • #29262
      Supratik
      Member

      SQLyog uses Plink for SSH connections and if Pageant is running it will use Pageant to authenticate. I think

      if this error is appearing for a SQLyog connection it may also appear for the other applications that uses keys

      from Pageant key list.

      Can you please provide me with few details..

      1) In your present setup did you get the same error for WinSCP and Putty anytime ?

      2) Does all your SSH connections uses Pageant to authenticate ?

      3) Are you specifying the key that's required for the authentication in the session configuration in WinSCP or Putty for any connection?

      Quote:
      Can you look at integrating pageant support into the next SQLyog version? It is quite an essential tool for unix administrators…

      We will discuss on this feature, to have an option in SQLyog whether to obtain keys from Pageant or not.

      Regards

      Supratik

    • #29263
      tomp_gl
      Member

      To answer your questions:

      1) In your present setup did you get the same error for WinSCP and Putty anytime ?

      No

      2) Does all your SSH connections uses Pageant to authenticate ?

      Yes

      3) Are you specifying the key that's required for the authentication in the session configuration in WinSCP or Putty for any connection?

      Yes

      Thanks

    • #29264
      nithin
      Member

      Hello

      We will add an option for pageant , so that user can specify the source of keys.

      I have added this to our issue tracker.

      http://code.google.com/p/sqlyog/issues/detail?id=1116

      We will update the status once we discussed.

      Thanks

    • #29265
      tomp_gl
      Member

      Thanks!

Viewing 10 reply threads
  • You must be logged in to reply to this topic.