ssh tunnel?

**AndrewT** · 07-10-2009, 12:34 PM

What are you using for the tunneling? You may want to try using PuTTY for this as well since you've noted that it is able to connect.

**galanta** · 07-10-2009, 04:12 PM

The software is called Premiusoft Navicat and it is for handling mysql databases, something like phpmyadmin but locally installed.

The software includes an option to connect via internet, using ssh tunneling, and it worked fine until 3 days ago.

I can't use putty because it is only a command line tool. Navicat is a GUI and has to do only with MySQL.

In the connection settings I am using the domain name, since I don't have a static IP.

**AndrewT** · 07-10-2009, 04:27 PM

You can also use PuTTY for the tunneling and then use Navicat to just connect to MySQL as if it were on your localhost.

**galanta** · 07-10-2009, 05:52 PM

Thanks for the suggestion. Though it is not very convenient for me, first because I am not so familiar with Putty and the whole procedure, second because I want to connect to multiple mysql servers in this way and third, because the actual localhost also runs mysql. I am not sure, but that might create a problem.

I think it has something to do with the server, because no software settings have been altered, and at the same time, I can use it to connect to another dedicated server, in the same way.

I don't have the technical knowledge to investigate the issue. Maybe some settings on the server side changed, such as timeout or something like that?

If there is something you can think about it and if it still doesn't break any policies, please let me know. I repeat that the problem exists in the past 2-3 days, if this helps. (any changes made in this period maybe)

THanks.

**AndrewT** · 07-11-2009, 12:33 AM

You can configure a separate PuTTY instance for each tunnel and you can change the port for each to whatever you like so that they do not conflict with anything.

The error message provided by your program is clearly not the actual problem as you are able to connect to the very same service with a different piece of software without any issue. The program seems to be hiding the details of the underlying problem. I'm just offering advice based on the fact that PuTTY works.

**galanta** · 07-11-2009, 03:27 AM

I appreciate your advice and I don't wan to recycle the situation. Just to summarize:

1. This tool worked for years and doesn't in the past 3 days, no new version was installed, no settings altered

2. The same tool keeps working on another remote server which is a semi dedicated box

3. Other software tools, such as putty, and also filezilla, which I use with sftp, are able to connect via ssh.

4. The returned error by navicat is indeed not very informative, but mentions a 'timeout' issue.

I believe, based on the above, that the 'problem' resides on the server and probably involves a configuration change made in the past few days and concerns the sshd or maybe some firewall setting.

As I am not very familiar with these concepts, maybe what I say is totally irrelative. Also, if there were no configuration changes at all in the previous days, maye there could be a restart of the ssh service, just in case....

Thanks anyway for your time.

ps: I want to leave putty as my last choice but if I can't avoid it, I will use it.

**galanta** · 07-11-2009, 03:43 AM

update:

installing a newer navicat version, the problem persists, but now there is a more informative message:

80070007: SSH Tunnel: The negotiation of encryption algorithm is failed

I don't know if this gives a better view on the situation and if there is something we can do on the server side.

**AndrewT** · 07-11-2009, 09:12 AM

Please go ahead and submit a ticket concerning this.

**Pedja** · 07-17-2009, 02:28 AM

I have similar problem on cpanel60. Putty says:

Couldn't agree a client-to-server cipher (available: aes128-ctr, aes256-ctr, arcfour256, arcfour)

I noticed this today. Few days ago everything was fine.

**AndrewT** · 07-17-2009, 06:40 AM

The latest version of PuTTY does not have this problem.

**netmaximum** · 07-18-2009, 02:15 PM

Originally posted by Pedja

I have similar problem on cpanel60. Putty says:

Couldn't agree a client-to-server cipher (available: aes128-ctr, aes256-ctr, arcfour256, arcfour)

I noticed this today. Few days ago everything was fine.

That's the error I get too when I try to ssh/sftp to cpanel61. It used to work until recently.

**AndrewT** · 07-18-2009, 02:29 PM

The latest version of PuTTY works just fine for SSH. For SFTP the latest version of FileZilla works. Otherwise you can try upgrading your particular client software to the latest version but I can say for sure that those two work.

**galanta** · 07-18-2009, 04:46 PM

Dear Andrew

Having been the first one to report this, with Navicat, although I found a solution with that which doesn't involve ssh, and although I can confirm that Filezilla does work with cpanel61, I wonder, since I see others having difficulties, if it is possible to broaden the ciphers supported by our servers in order to be able to have more solutions available.

It might be a solution to use putty or filezilla (both great software) but in general, if somebody needs another kind of software, it could be very difficult to wait until a new version comes out and supports everything necessary.

Just for some thought... unless of course, it is of critical importance as far as security is concerned. Thanks.

**AndrewT** · 07-18-2009, 04:52 PM

Per our discussion in your ticket, the supported ciphers were changed as a security precaution.

We've had a few people submit tickets concerning this same problem and each time a simple update to the latest version of their client software resolved their issue. The only exception so far has been in your case due to the limited ciphers supported in your software.

ssh tunnel?

ssh tunnel?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment