Bug #84717 | SSH Connection error | ||
---|---|---|---|
Submitted: | 30 Jan 2017 11:04 | Modified: | 4 Jan 2019 13:49 |
Reporter: | Howard Nodine | Email Updates: | |
Status: | Won't fix | Impact on me: | |
Category: | MySQL Workbench | Severity: | S2 (Serious) |
Version: | 6.3.8 | OS: | Linux (CentOS Linux release 7.3.1611 Core) |
Assigned to: | CPU Architecture: | Any | |
Tags: | WBBugReporter |
[30 Jan 2017 11:04]
Howard Nodine
[31 Jan 2017 12:32]
MySQL Verification Team
Please provide the output of: yum info python2-crypto Thanks.
[31 Jan 2017 13:06]
Howard Nodine
Installed Packages Name : python2-crypto Arch : x86_64 Version : 2.6.1 Release : 13.el7 Size : 2.2 M Repo : installed From repo : epel-testing Summary : Cryptography library for Python 2 URL : http://www.pycrypto.org/ License : Public Domain and Python Description : PyCrypto is a collection of both secure hash functions (such as MD5 and : SHA), and various encryption algorithms (AES, DES, RSA, ElGamal, etc.). : : This is the Python 2 build of the package.
[2 Feb 2017 12:28]
MySQL Verification Team
Thank you for the feedback. Please try to change python2-crypto from epel-testing for the epel one as workaround. Thanks.
[6 Feb 2017 16:25]
David Wasson
I get the same error and have the package installed from epel repo. Output of yum info python2-crypto: Name : python2-crypto Arch : x86_64 Version : 2.6.1 Release : 13.el7 Size : 2.2 M Repo : installed From repo : epel Summary : Cryptography library for Python 2 URL : http://www.pycrypto.org/ License : Public Domain and Python Description : PyCrypto is a collection of both secure hash functions (such as : MD5 and SHA), and various encryption algorithms (AES, DES, RSA, : ElGamal, etc.). : : This is the Python 2 build of the package.
[16 Feb 2017 19:16]
Greg Blumenthal
Same problem on Linux Mint 18 (Ubuntu 16.04) Package: python-crypto State: installed Automatically installed: no Version: 2.6.1-6ubuntu0.16.04.1 Priority: optional Section: python Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> Architecture: amd64 Uncompressed Size: 1,421 k Depends: python (< 2.8), python (>= 2.7~), python:any (>= 2.7.5-5~), libc6 (>= 2.14), libgmp10 Suggests: python-crypto-dbg, python-crypto-doc Conflicts: python-crypto:i386 Provides: python2.7-crypto Description: cryptographic algorithms and protocols for Python A collection of cryptographic algorithms and protocols, implemented for use from Python. Among the contents of the package: * Hash functions: HMAC, MD2, MD4, MD5, RIPEMD160, SHA, SHA256. * Block encryption algorithms: AES, ARC2, Blowfish, CAST, DES, Triple-DES. * Stream encryption algorithms: ARC4, simple XOR. * Public-key algorithms: RSA, DSA, ElGamal. * Protocols: All-or-nothing transforms, chaffing/winnowing. * Miscellaneous: RFC1751 module for converting 128-bit keys into a set of English words, primality testing, random number generation. Homepage: http://www.pycrypto.org/
[16 Feb 2017 19:20]
Greg Blumenthal
This caused it: python-crypto (2.6.1-6ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: throw exception when IV used with ECB or CTR - debian/patches/CVE-2013-7459.patch: force exception when IV used ECB/CTR - CVE-2013-7459.patch -- Emily Ratliff <emily.ratliff@canonical.com> Tue, 14 Feb 2017 16:05:02 -0600
[16 Feb 2017 20:12]
Greg Blumenthal
Note: blowfish and arcfour are NOT accceptable workarounds
[17 Feb 2017 9:17]
Peep Puijenbroek
This is also happening on 6.3.9 09:55:57 [INF][ WBContext]: Connection to PROD cancelled by user: Tunnel connection cancelled 09:55:59 [INF][ SSH tunnel]: Existing SSH tunnel not found, opening new one 09:55:59 [INF][ SSH tunnel]: Opening SSH tunnel to 185.87.249.139 09:56:00 [ERR][sshtunnel.py:notify_exception_error:235]: Traceback (most recent call last): File "/usr/share/mysql-workbench/sshtunnel.py", line 303, in _connect_ssh look_for_keys=has_key, allow_agent=has_key, timeout=SSH_CONNECTION_TIMEOUT) File "/usr/lib/python2.7/dist-packages/paramiko/client.py", line 325, in connect t.start_client() File "/usr/lib/python2.7/dist-packages/paramiko/transport.py", line 492, in start_client raise e ValueError: CTR mode needs counter parameter, not IV 09:56:00 [INF][ SSH tunnel]: TunnelManager.wait_connection authentication error: Authentication error, unhandled exception caught in tunnel manager, please refer to logs for details 09:56:00 [ERR][ SSH tunnel]: Authentication error opening SSH tunnel: Authentication error, unhandled exception caught in tunnel manager, please refer to logs for details 09:56:02 [INF][ WBContext]: Connection to TEST cancelled by user: Tunnel connection cancelled
[17 Feb 2017 10:01]
MySQL Verification Team
https://bugs.mysql.com/bug.php?id=85041 marked as duplicate of this one.
[17 Feb 2017 10:48]
Marcin Szalowicz
Hello, as a workaround please try to update paramiko manually according to this manual: http://mysqlworkbench.org/2015/03/paramiko-update-tutorial/ Let us know if this works for you.
[17 Feb 2017 19:06]
Zlatko Zlatev
Manually updating paramiko to 2.1.1 resolved it for me. Thanks.
[17 Feb 2017 23:23]
MySQL Verification Team
https://bugs.mysql.com/bug.php?id=85057 marked as duplicate of this one.
[30 Mar 2017 10:21]
mario gomes
I'm also experiencing this problem on Windows both x86 and x64 versions, and if I try to update paramiko to 2.1.1 or 2.1.2, I get a different error saying "cannot start ssh tunnel manager". The log shows: [ERR][python]: Error running file C:\Program Files\MySQL\MySQL Workbench 6.3 CE\sshtunnel.py [WRN][]: Tunnel manager could not be executed So for my the workaround its not working.
[23 Jun 2017 15:41]
Mio Taalas
Can confirm Tested on windows 7 x64 workbench 6.3.9 Using mySQL 5.5.5-0+deb8u1 server on Raspbian Tried to manually replace paramiko with newer one but gives new error.
[17 Oct 2018 9:36]
Marnus van Niekerk
Setting the cyphers (server side) solved it for me with Mint 19 on client side. Ciphers blowfish-cbc,aes128-ctr,aes192-ctr,aes256-ctr
[4 Jan 2019 13:49]
Marcin Szalowicz
Posted by developer: Workbench doesn't use Paramiko anymore.