Devart Forums

Discussion forums for open issues and questions concerning database tools, data access components and developer tools from Devart
https://forums.devart.com/

Connect by SSH tunneling

https://forums.devart.com/viewtopic.php?f=2&t=28784

Page 1 of 1

Connect by SSH tunneling

Posted: Thu 23 Jan 2014 17:08
by imre.dudas
Hello,

I want to connect to a MySQL database through SSH tunnel in the way that the SSH user would log in with a private key with passthrase.

I have a problem with this: If I want to convert the key to pem format for EntityFramework, the passthrase can be anything, it lets me login to the server. I wouldn't like it to be so. What I would like is that my code should contain the passthrase for the sake of higher safe. So far, If anyone could obtain the key, he could login to the server using SSH. That's the reason why I wouldn't like that.

What I did so far is the following:

On Linux server:

ssh-keygen -t rsa

I specify a passthrase when required.

Of course, I copy the public key into the file named authorized_keys .

I convert the rsa file to pem.

openssl rsa -in id_rsa -outform pem > server.key

This is the time when such a pem file is created that somehow contains the passthrase, because it is enough to replace the keys in order my client programs to login.

How should i convert my id_rsa file generated by ssh-keygen so that EntityFramework could use the key file and passthrase password when connecting?

Thank you in advance.

Best regards,

Imre

Re: Connect by SSH tunneling

Posted: Tue 28 Jan 2014 15:17
by Pinturiccio
imre.dudas wrote:How should i convert my id_rsa file generated by ssh-keygen so that EntityFramework could use the key file and passthrase password when connecting?
You can use the id_rsa file in order to use a key with Entity Framework.

Please tell us what difficulties you encountered when working with a key in the id_rsa format.

Re: Connect by SSH tunneling

Posted: Fri 31 Jan 2014 11:58
by imre.dudas
Pinturiccio wrote:
imre.dudas wrote:How should i convert my id_rsa file generated by ssh-keygen so that EntityFramework could use the key file and passthrase password when connecting?
You can use the id_rsa file in order to use a key with Entity Framework.

Please tell us what difficulties you encountered when working with a key in the id_rsa format.
I give an error: "invalid IV length" if i try id_rsa file.

Re: Connect by SSH tunneling

Posted: Mon 03 Feb 2014 15:01
by Pinturiccio
We have reproduced the issue. We will investigate it and post here about the results as soon as possible.

Re: Connect by SSH tunneling

Posted: Thu 06 Feb 2014 15:51
by Pinturiccio
We have investigated the issue. Key, generated by the ssh-keygen utility can cause difficulties, because these keys are encrypted using the AES algorithm. In order to use such key you need to convert it, for example, using OpenSSL, as you did before.

You have executed OpenSSL with the following parameters:

Code: Select all

openssl rsa -in id_rsa -outform pem > server.key
Such call removes the AES encryption and results in an unencrypted private key server.key. You need to add an encryption parameter to encrypt your key and use it with a passphrase:

Code: Select all

openssl rsa -in id_rsa -outform pem -des3 -out server.key
After starting this command, you will be prompted to enter the passphrase to remove the AES encryption. Then you will be prompted to enter a new passphrase to encrypt the key using DES. After this you will get the key that can be used with our provider.
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/