forums › forums › SQLyog › SQLyog Comments › Pageant Key Conflict With Ssh Tunnel
- This topic is empty.
-
AuthorPosts
-
-
June 30, 2009 at 4:16 am #11569tomp_glMember
Hi,
I just started using SQLyog enterprise, and it is conflicting with Pageant, my SSH key caching application which holds my different SSH keys and their passphrases and automatically supplies them to WinSCP and Putty when they connect. When I use SSH tunnelling with key or password authentication in SQLyog I get the “Too many authentication failures…” message because presumably pageant is serving up mismatched keys from its cache to the remote ssh daemon before SQLyog supplies the key I specified in the connection settings.
There are 2 work arounds I know of – I can close Pageant and loose my key cache (very annoying), or I can increase the number of retry attempts in the sshd config file to the number of keys I have (which will keep growing over time).
Is there any other alternatives to this?
Thanks
-
June 30, 2009 at 8:00 am #29256SupratikMember
Hi,
Can you please confirm once again whether the SSH key of the host you wanted to connect is added in Pageant.
The error “Too many authentication failures…” is reproducible when we set the value of MaxAuthTries in sshd_config to a lower value(1 or 2) and the SSH key used to connect to host is not present in the Pageant list.
One alternative to this problem can be, add the SSH key which you have specified in SQLyog connection settings to Pageant list.
Please let me know if you have any questions.
Regards
Supratik
-
June 30, 2009 at 11:10 pm #29257tomp_glMember
When the problem occurred, I had 5 keys in Pageant, including the key SQLyog uses. MaxAuthTries is set to 3.
I tried again just now but I could not reproduce the problem.
Thanks
-
July 1, 2009 at 7:01 am #29258tomp_glMember
Well the problem is occurring again now. I have 6 keys in Pageant, including the key SQLyog uses. MaxAuthTries is set to 3.
Thanks
-
July 2, 2009 at 7:26 am #29259SupratikMember
If you are using Pageant and if you have a large number of keys loaded into it, SSH server will
count each offering of the key as an authentication attempt. I think increasing the “MaxAuthTries”
value is a good solution to this problem.
Regards
Supratik
-
July 2, 2009 at 8:03 am #29260tomp_glMember
What if I have 50 keys in Pageant? I don't want to increase MaxAuthTries to 50…
http://winscp.net/eng/docs/message_too_man…cation_failures
Thanks
-
July 6, 2009 at 7:31 am #29261tomp_glMember
Can you look at integrating pageant support into the next SQLyog version? It is quite an essential tool for unix administrators…
-
July 6, 2009 at 9:41 am #29262SupratikMember
SQLyog uses Plink for SSH connections and if Pageant is running it will use Pageant to authenticate. I think
if this error is appearing for a SQLyog connection it may also appear for the other applications that uses keys
from Pageant key list.
Can you please provide me with few details..
1) In your present setup did you get the same error for WinSCP and Putty anytime ?
2) Does all your SSH connections uses Pageant to authenticate ?
3) Are you specifying the key that's required for the authentication in the session configuration in WinSCP or Putty for any connection?
Quote:Can you look at integrating pageant support into the next SQLyog version? It is quite an essential tool for unix administrators…We will discuss on this feature, to have an option in SQLyog whether to obtain keys from Pageant or not.
Regards
Supratik
-
July 7, 2009 at 4:03 am #29263tomp_glMember
To answer your questions:
1) In your present setup did you get the same error for WinSCP and Putty anytime ?
No
2) Does all your SSH connections uses Pageant to authenticate ?
Yes
3) Are you specifying the key that's required for the authentication in the session configuration in WinSCP or Putty for any connection?
Yes
Thanks
-
July 8, 2009 at 8:44 am #29264nithinMember
Hello
We will add an option for pageant , so that user can specify the source of keys.
I have added this to our issue tracker.
http://code.google.com/p/sqlyog/issues/detail?id=1116
We will update the status once we discussed.
Thanks
-
July 8, 2009 at 10:50 am #29265tomp_glMember
Thanks!
-
-
AuthorPosts
- You must be logged in to reply to this topic.