| Bug #49981 | RSA key file specified for SSH tunneling within Workbench Admin overwritten | ||
|---|---|---|---|
| Submitted: | 29 Dec 2009 22:31 | Modified: | 30 Jan 2010 10:52 |
| Reporter: | Ben Bonnell | Email Updates: | |
| Status: | No Feedback | Impact on me: | |
| Category: | MySQL Workbench | Severity: | S2 (Serious) |
| Version: | 5.2.11 OSS Beta Rev 4842 | OS: | Windows |
| Assigned to: | CPU Architecture: | Any | |
| Tags: | ssh rsa id file known_hosts | ||
[29 Dec 2009 23:28]
Ben Bonnell
Since filing this report, I've realized that the reason this version seemed to be marked as GA was that I had not allowed scripts from the aolcdn.com domain. This caused the download page to break and only show the most recent (beta)version. However, the EOL note dated December 18 2009 suggests that Workbench 5.2 replaced the Query Browser and Administrator. It appears that this transition was begun just before the(Christmas and New Years)holidays and was not quite completed (still marked as Beta, on Beta tab, but apparently the current replacement for the browser and admin tools).
[30 Dec 2009 10:52]
Susanne Ebrecht
Many thanks for writing a bug report. Please don't change category here again. Information about Workbench you can find here: http://wb.mysql.com We have some problems with SSH at the moment. There are still some bugs in SSH connection. But overwriting the key with known host is something I never saw before. This really seems to be related to cygwin. Would you please test if you have same problems without cygwin. I couldn't reproduce without cygwin. Here is the link about all our active bugs for Workbench that are SSH related. http://bugs.mysql.com/search.php?search_for=ssh&bug_type[]=MySQL+Workbench&status[]=Active...
[9 Jan 2010 22:51]
[ name withheld ]
I confirm that I've had my (DSA) key overwritten by WB, *twice*. I do have Cygwin installed. I would've reported this myself, but I don't have a reliable way to reproduce. It seems pretty obvious that WB should never, ever write to the key file, and it should only append to known_hosts with the user's consent. So there are probably two bugs: - WB sometimes wants to write to known_hosts, and writes to the key file instead - WB fails to ask for permission to write to known_hosts
[13 Jan 2010 20:43]
Wiebe Geldenhuys
I can confirm that this is the case for myself as well. Happened twice in a row. I get an exception when I make the key file read only.
[31 Jan 2010 0:00]
Bugs System
No feedback was provided for this bug for over a month, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open".
Description: I downloaded the latest GUI tools (Workbench 5.2.11, marked as GA and Beta!?) and tried to establish a "New Server Instance" using a non-default ssh port and an rsa id file (no ssh password). When I tried to establish the connection, I received a "Not a valid DSA private key file" error message. I checked the key file and it had been overwritten with the contents of a known_hosts file. I then replaced and tested the id file using a cygwin ssh client, which worked, then repeated to verify that the Workbench Admin connection attempt was causing the problem (it was). The problem does not seem to exist within the SQL development portion of the Workbench ("New Connection" / "Manage Connections"). It's unclear if this problem only exists when Cygwin open ssh is also installed. How to repeat: 1.) click "New Server Instance" 2.) remote host: xxxx, NEXT... 3.) OS: xxx (I'm using RHEL), NEXT... 4.) update ssh port (might be related) 5.) check "Authenticate Using SSH Key" and browse to rsa id key 6.) click NEXT... and verify the id file has been overwritten Suggested fix: - This version of Workbench is probably not supposed to be promoted to GA yet so that should be evaluated. - Even so, the problem is destructive and should be considered serious since it will overwrite a working id file (I'd be sunk if I didn't have a backup)