search

hankinsoft / SQLPro

SQLPro bug & features tracking.
100 stars 26 forks source link

SSH Tunneling does not work #989

Open hotdogtherapper opened 3 weeks ago

hotdogtherapper commented 3 weeks ago

Describe the bug I cannot connect via SSH tunnel to a postgresql database using SQLPro Version 2024.21 (Build 111093)

I can SSH via terminal, and I can connect to the postgresql using a trial version of Navicat with the same configuration, but I prefer to use SQLPro if we can resolve this issue.

Screenshots image

Environment details (please complete the following information):

Logs 2024/06/07 02:08:01:071 Application is becoming active. 2024/06/07 02:08:02:470 NSApp sendAction: collectionItemViewDoubleClick 2024/06/07 02:08:02:470 collectionItemViewDoubleClick 2024/06/07 02:08:02:470 connectToConnectionId: 95C750ED-BA99-4957-A540-E59258EBF8DA-86510-00007DAAB05B7F2A 2024/06/07 02:08:02:470 connectToRecentConnectionById (not requesting password) 2024/06/07 02:08:02:470 doConnect: private-pg-ro-production-002-do-user-1601304-0.c.db.ondigitalocean.com (detected port: 22 specified port: 25060) 2024/06/07 02:08:02:487 doConnect calling getHost:andPort:forServer:userSpecifiedPort: 2024/06/07 02:08:02:487 doConnect self->internalDatabaseConnectionDetails createNewClient 2024/06/07 02:08:02:487 doConnect calling databaseClient->connect 2024/06/07 02:08:02:487 PostgresDatabaseClient connect called (PQlibVersion: v140005). 2024/06/07 02:08:02:487 HSChilkatSSHTunnelHelper disconnect 2024/06/07 02:08:02:491 HSChilkatSSHTunnelHelper:closeConnection success YES. 2024/06/07 02:08:02:501 HSSSHTunnelPool - Creating a new connection. 2024/06/07 02:08:02:501 (SSH) HSChilkatSSHTunnelHelper:connect called 2024/06/07 02:08:02:501 HSChilkatSSHTunnelHelper:connect - ssh authentication methods exist in cache: ( publickey ) 2024/06/07 02:08:02:826 SSHTunnel:keysForHost:port: returning an array (2 entries) of fingerprints. 2024/06/07 02:08:02:826 Keydata was found (user previously stored). 2024/06/07 02:08:02:826 SSH:authenticateViaPublicKey - publickey auth path is accessable. Not using bookmark. 2024/06/07 02:08:03:013 HSChilkatSSHTunnelHelper:authenticateViaPublicKey loaded privateKey. 2024/06/07 02:08:03:013 HSChilkatSSHTunnelHelper:authenticateViaPublicKey WITHOUT password. 2024/06/07 02:08:03:305 HSChilkatErrorHelper:errorMessagesFromXML:errorTag:. SearchForTag failed. (null). 2024/06/07 02:08:03:305 HSChilkatSSHTunnelHelper:authenticateViaPublicKey error: Failed to authenticate via private key. Authentication failed or partial success. (4) 2024/06/07 02:08:03:305 publickey authentication finished and we are not yet authenticated. 2024/06/07 02:08:03:305 HSChilkatSSHTunnelHelper tunnel log is: Connect_SshTunnel: DllDate: Jun 27 2023 ChilkatVersion: 9.5.0.94 UnlockPrefix: HANKNS UnlockStatus: 2 Architecture: Little Endian; 64-bit Language: Cocoa Objective-C VerboseLogging: 1 hostname: 164.90.246.254 port: 22 sshConnect: connectSocket: domainOrIpAddress: 164.90.246.254 port: 22 connectTimeoutMs: 10000 connect_ipv6_or_ipv4: This is an IPV4 numeric address. Domain to IP address resolution not needed. getAddressInfo: (leaveContext) findIpAddrInfo: (leaveContext) connecting to IPV4 address... ipAddress: 164.90.246.254 createSocket: Setting SO_SNDBUF size sendBufSize: 262144 Setting SO_RCVBUF size recvBufSize: 4194304 (leaveContext) connect: Waiting for the connect to complete... connectTimeoutMs: 10000 ck_getsockname_ipv4: (leaveContext) myIP: 192.168.1.116 myPort: 59248 socket connect successful. (leaveContext 191ms) (leaveContext 192ms) (leaveContext 192ms) Established TCP/IP connection with SSH server Turning on TCP_NODELAY. (leaveContext 192ms) sshSetupConnection: clientIdentifier: SSH-2.0-PuTTY_Release_0.78 Sending client identifier... Done sending client identifier. Reading server version... initialDataFromSshServer: SSH-2.0-OpenSSH_9.3p1 Ubuntu-1ubuntu3.3

    serverVersion: SSH-2.0-OpenSSH_9.3p1 Ubuntu-1ubuntu3.3
    build_kexInit:
        kexPrefList: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group14-sha256,diffie-hellman-group1-sha1,diffie-hellman-group14-sha1,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1
        preferRsaHostKeyAlgorithm: 1
        hostKeyPrefList: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,rsa-sha2-256,rsa-sha2-512,ssh-ed25519,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
        cipherPrefList: chacha20-poly1305@openssh.com,aes128-ctr,aes256-ctr,aes192-ctr,aes128-cbc,aes256-cbc,aes192-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com,twofish256-cbc,twofish128-cbc,blowfish-cbc,3des-cbc,arcfour128,arcfour256
        macPrefList: hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-sha1-96,hmac-md5,none
        allowCompression: False
        (leaveContext)
    serverKex:
        KeyExchangeAlgs:
            algorithm: sntrup761x25519-sha512@openssh.com
            algorithm: curve25519-sha256
            algorithm: curve25519-sha256@libssh.org
            algorithm: ecdh-sha2-nistp256
            algorithm: ecdh-sha2-nistp384
            algorithm: ecdh-sha2-nistp521
            algorithm: diffie-hellman-group-exchange-sha256
            algorithm: diffie-hellman-group16-sha512
            algorithm: diffie-hellman-group18-sha512
            algorithm: diffie-hellman-group14-sha256
            algorithm: kex-strict-s-v00@openssh.com
            (leaveContext 1ms)
        HostKeyAlgs:
            algorithm: ssh-ed25519
            (leaveContext)
        EncCS:
            algorithm: chacha20-poly1305@openssh.com
            algorithm: aes128-ctr
            algorithm: aes192-ctr
            algorithm: aes256-ctr
            algorithm: aes128-gcm@openssh.com
            algorithm: aes256-gcm@openssh.com
            (leaveContext 1ms)
        EncSC:
            algorithm: chacha20-poly1305@openssh.com
            algorithm: aes128-ctr
            algorithm: aes192-ctr
            algorithm: aes256-ctr
            algorithm: aes128-gcm@openssh.com
            algorithm: aes256-gcm@openssh.com
            (leaveContext)
        MacCS:
            algorithm: umac-64-etm@openssh.com
            algorithm: umac-128-etm@openssh.com
            algorithm: hmac-sha2-256-etm@openssh.com
            algorithm: hmac-sha2-512-etm@openssh.com
            algorithm: hmac-sha1-etm@openssh.com
            algorithm: umac-64@openssh.com
            algorithm: umac-128@openssh.com
            algorithm: hmac-sha2-256
            algorithm: hmac-sha2-512
            algorithm: hmac-sha1
            (leaveContext 1ms)
        MacSC:
            algorithm: umac-64-etm@openssh.com
            algorithm: umac-128-etm@openssh.com
            algorithm: hmac-sha2-256-etm@openssh.com
            algorithm: hmac-sha2-512-etm@openssh.com
            algorithm: hmac-sha1-etm@openssh.com
            algorithm: umac-64@openssh.com
            algorithm: umac-128@openssh.com
            algorithm: hmac-sha2-256
            algorithm: hmac-sha2-512
            algorithm: hmac-sha1
            (leaveContext 1ms)
        CompCS:
            algorithm: none
            algorithm: zlib@openssh.com
            (leaveContext)
        CompSC:
            algorithm: none
            algorithm: zlib@openssh.com
            (leaveContext 1ms)
        LangCS:
            (leaveContext)
        LangSC:
            (leaveContext)
        ChosenIncomingEncryption: chacha20-poly1305@openssh.com
        ChosenOutgoingEncryptoin: chacha20-poly1305@openssh.com
        ChosenIncomingMac: hmac-sha1-etm@openssh.com
        ChosenOutgoingMac: hmac-sha1-etm@openssh.com
        ChosenIncomingCompression: none
        ChosenOutgoingCompression: none
        ChosenKexAlgorithm: curve25519-sha256
        choose_hostkey_algorithm:
            choose_userauth_rsa_algorithm:
                (leaveContext 1ms)
            (leaveContext 1ms)
        ChosenHostKeyAlgorithm: ssh-ed25519
        (leaveContext 6ms)
    numBits: 256
    pbits: 4096
    Using Curve25519.
    sendCurve25519Init:
        Sent: SSH2_MSG_KEX_ECDH_INIT
        (leaveContext 2ms)
    computeExchangeHash:
        dhReplyMsgType: 31
        serverVersion: [SSH-2.0-OpenSSH_9.3p1 Ubuntu-1ubuntu3.3]
        Computing exchange hash for Curve25519
        (leaveContext 1ms)
    verifyHostKey:
        SSH_HOSTKEY_ED25519 ...
        m_hostKey: 0000000B7373682D65643235353139000000208AE662F085C89B8C83A60E809998776C16F4E83C22B00F713684EB6B0835E443
        m_sigH: 0000000B7373682D6564323535313900000040BAE7B46062DDE944F7B019815C6E7464184CD97CB945B5BC4CD5A6039ACC57C2B09F3010B71E966181EEF6676D34F954CA5E8B73C1282E1ED32C03E3F8E97B02
        ed25519VerifyHostKey:
            keyType: ssh-ed25519
            keyLen: 32
            sigName: ssh-ed25519
            sigLen: 64
            (leaveContext 3ms)
        ED25519 host key signature verification success
        ed25519HostKeyFingerprint:
            (leaveContext)
        (leaveContext 3ms)
    calculateKey:
        (leaveContext)
    calculateKey:
        (leaveContext 1ms)
    calculateKey:
        (leaveContext)
    calculateKey:
        (leaveContext)
    calculateKey:
        (leaveContext)
    calculateKey:
        (leaveContext)
    Sending newkeys to server...
    Expecting newkeys from server...
    SSH Key Exchange Success.
    installNewKeys:
        m_isRekey: 0
        No outgoing compression.
        No incoming compression.
        Outgoing encryption is now chacha20-poly1305@openssh.com
        Incoming encryption is now chacha20-poly1305@openssh.com
        (leaveContext 1ms)
    (leaveContext 132ms)
socketOptions:
    SO_SNDBUF: 263536
    SO_RCVBUF: 4194304
    TCP_NODELAY: 4
    SO_KEEPALIVE: 8
    (leaveContext)
Starting tunnel manager thread...
Tunnel manager thread started.
Success.
(leaveContext 324ms)

AuthenticatePK: DllDate: Jun 27 2023 ChilkatVersion: 9.5.0.94 UnlockPrefix: HANKNS UnlockStatus: 2 Architecture: Little Endian; 64-bit Language: Cocoa Objective-C VerboseLogging: 1 login: george.g sshAuthenticatePk: keyFingerprint: ssh-rsa 2048 56:a3:a6:c2:70:88:5c:5a:a1:d1:93:33:3d:d4:2f:ce requestUserAuthService: sendServiceRequest: svcName: ssh-userauth SentServiceReq: ssh-userauth (leaveContext) ssh-userauth service accepted. (leaveContext 201ms) Using an RSA key. keyToPublicKeyBlob: (leaveContext) dbPkBlob_qp: [=00=00=00=07ssh-rsa=00=00=00=03=01=00=01=00=00=01=01=00=98 =84b=91=8D=D3=9Aw=AC^=B2=C0=A0=B5=1E=A3=1F=04=EF=ACC=10HC=8D=A4W1L=D3=EE=12=F3%=07k=E1=D4"=AE)J=04=B6&=1A=E0%=96S=D08=FA=0F>=08[B=06=03=C2=F3S=00]=01=13=18IZ=C69=D7=A3=D5=0FP-hz=ECu=1A=DC4=01=F1=AA=E0=91=A2=87!=F85x[=EDn=C7=9E=F7tv=F1tv=EA=DE"=FE=05=E6:=B2=17dIO=BC=E2=A6=B6=3D=FF=7F=B4=0FkGW=F8x=96=C4V=A1=0D=02|=9DX=EC)8|d=AC=D7=EE=A9=13=D36)=A1=82=CB'=A5ZY=C2=DF=14/=93(=01=BD=CC=87=9D=E9L=14T=CB1A=E0~=F9=AC=CD=F3=8A=96=CB(=E2=CA=18Xj=E33=12=E9=B4=B9B=EA=94~:=80=E9=1C8=E7=CC} =14jNd=1C(=0C=C2=FCn=CFfyg=FA=ED=90=D4p=C5=83=809[=F1p=F0%=C9=132f=E4=0D=D6=E3=B0=F6=C0=8FA] Sent public-key request. AuthList: publickey Proceeding with publickey authentication... padAndSignHash: keyType: Private hashInSize: 20 padding: PKCS v1.5 HashOid: 1.3.14.3.2.26 (leaveContext 8ms) rsaSigLen: 256 Sent public-key request with signature. hostKeyAlg: 4 Authentication failed or partial success. (4) PartialSuccess4: 0 When partial success is 0, it means you are not using the correct private key that corresponds to the public key installed in the SSH user account. Also, to force Chilkat to continue with password authentication even if the public-key authentication fails, set UncommonOptions = "PubkeyOrPassword". AuthList: publickey Publickey authentication failed.. (leaveContext 290ms) Failed. (leaveContext 292ms) 2024/06/07 02:08:03:305 SSH tunnel failed after 0.80 seconds with error: Failed to authenticate via private key. Authentication failed or partial success. (4) 2024/06/07 02:08:03:305 Not accepting 2024/06/07 02:08:03:305 Not connected 2024/06/07 02:08:03:305 initializeSSH (allow pool) took 0.82 seconds. 2024/06/07 02:08:03:305 doConnect databaseClient->connect finished 2024/06/07 02:08:03:305 setDBC: connectionId: 95C750ED-BA99-4957-A540-E59258EBF8DA-86510-00007DAAB05B7F2A 2024/06/07 02:08:03:306 checkSSHFingerprintError returning NO 2024/06/07 02:08:03:306 HSMinimumDelay need to wait 0.18 seconds (elapsed was 0.82). 2024/06/07 02:08:03:489 HSMinimumDelay after delay, elapsed is: 1.00 seconds. 2024/06/07 02:08:03:491 SQLProConnectingWindowController endSheetWithReturnCode: OK 2024/06/07 02:08:03:493 Failed to connect with error: Failed to authenticate via private key. Authentication failed or partial success. (4) 2024/06/07 02:08:03:494 Clearing internal database connection details. 2024/06/07 02:08:03:494 setDBC: nil

hankinsoft commented 2 weeks ago

Is there any chance you could provide a test ssh setup that I could use to reproduce this? The authentication error message is saying it thinks the password is wrong.

hotdogtherapper commented 2 weeks ago

Is there any chance you could provide a test ssh setup that I could use to reproduce this? The authentication error message is saying it thinks the password is wrong.

Can you email me privately via george.g [at] gojilabs.com ?

hankinsoft commented 2 weeks ago

Done. It will come from kyle @ hankinsoft.com.