Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Key mismatch #153

Open
mdcclxv opened this issue Jun 10, 2021 · 8 comments
Open

Key mismatch #153

mdcclxv opened this issue Jun 10, 2021 · 8 comments

Comments

@mdcclxv
Copy link

mdcclxv commented Jun 10, 2021
edited

Hi there,

I'm trying to open a SSH tunnel on a production server using the following command line:

mole start local --verbose --source 10.1.1.12:3306 --destination REMOTE_MYSQL_IP:3306 --server user@REMOTE_LINUX_BOX_IP:22 --key <path_to\private_key>

and I get the following error:

ssh: handshake failed: knownhosts: key mismatch

The ssh config file being used is the right one, in my profile:

using ssh config file from: C:\\Users\\Katy\\.ssh\\config

I have PuTTY and PhpStorm connecting successfully, with the same tunnel working under PuTTY, so it's definitely NOT a key mismatch.

Any ideas?

Thanks.
@davrodpin
Copy link
Owner

Hi @mdcclxv,

The key mismatch error happens when the ssh client does not find the right entry on $HOME/.ssh/knownhosts.

Can you check if your knownhosts file have multiple entries for REMOTE_MYSQL_IP?

@mdcclxv
Copy link
Author

mdcclxv commented Jun 10, 2021
edited

No no, you got that wrong, the REMOTE_MYSQL_IP is the destination of the tunnel, the key is used for authorizing on the Linux box when connecting via SSH. I have no entries for that in knownhosts. And no duplicates for the REMOTE_LINUX_BOX_IP. If that was the case then PuTTY and PhpStorm should be failing too.

@davrodpin
Copy link
Owner

No no, you got that wrong, the REMOTE_MYSQL_IP is the destination of the tunnel, the key is used for authorizing on the Linux box when connecting via SSH.

My bad, I meant multiple entries for REMOTE_LINUX_BOX.

@mdcclxv
Copy link
Author

mdcclxv commented Jun 10, 2021
edited

You replied while I was editing the previous answer :)
No duplicates for the REMOTE_LINUX_BOX_IP, I checked. If that was the case then PuTTY and PhpStorm should be failing too.

@davrodpin
Copy link
Owner

You replied while I was editing the previous answer :)
No duplicates for the REMOTE_LINUX_BOX_IP, I checked. If that was the case then PuTTY and PhpStorm should be failing too.

But did you find an entry for it?

Can you try with --insecure, which makes mole to ignore the host key validation?

@mdcclxv
Copy link
Author

mdcclxv commented Jun 10, 2021

Yes, there is one entry. I tried with --insecure, this is what I got:
connection to the ssh server is established bind: An attempt was made to access a socket in a way forbidden by its access permissions

I also tried with the CMD window running as Administrator, same error.

@mdcclxv
Copy link
Author

mdcclxv commented Jun 10, 2021

Nevermind, my local copy of MySQL 5.7 was listening on 0.0.0.0:3306 although I configured it to only listen on 10.1.1.11. It seems that I hit a bug in MySQL. It's working with --insecure.

So, what's the next step? That --insecure option is making me uneasy, what's the risk?

@davrodpin
Copy link
Owner

Hi @mdcclxv, are you still facing the same issue? We might have a problem with the library used to parse the known_hosts files not being able to understand old records. Would that be your case, having an old known_hosts entry?

I can update to the latest version but I have no way to validate it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@davrodpin @mdcclxv