Problem connecting to OpenSSH 6.9+

sthensthen Posts: 4
Source Control can't connect to OpenSSH 6.9 and newer (as used in OS X El Capitan, and OpenBSD 5.8). On the client side there's a long delay followed by a failure to connect. On the server, "error: Hm, kex protocol error: type 30 seq 1 [preauth]" is logged. This is because OpenSSH now requires RFC4419 key exchange unless the client string matches a list of software known not to implement this.

Support for this has been added to PuTTY (http://tartarus.org/~simon-git/gitweb/? ... 97840245b0), so the best fix would probably be to update the embedded copy of PuTTY to 0.65 (which has some other fairly important fixes too). It's not a new RFC (from 2006), it just took PuTTY a while to add this.

If there are too many local changes and updating is difficult, a quick but bad workaround would be to change the client string from the current "PuTTY_Unidentified_Local_Build" to something that matches the list of putty versions in ssh's compat.c having the SSH_OLD_DHGEX flag.

Comments

  • Eddie DEddie D Posts: 1,648 Rose Gold 5
    Hi

    Thank you for your forum post.

    SQL Source Control V4, is a plug-in to Microsoft's SQL Server Management Studio (SSMS). SSMS uses Windows or SQL Server authentication to connect to the Microsoft SQL Server Instance you wish to manage. Have you posted this topic in the correct Redgate Forum?

    Many Thanks
    Eddie
    Eddie Davis
    Product Support Engineer
    Redgate Software Ltd
    Email: [email protected]
  • Thanks for the reply Eddie. This is about connecting to a Subversion repository (using svn+ssh) to commit changes, not for connecting to the database server.
  • Hi,

    I am afraid that currently SQL Source Control doesn't support this type of connection.
    I've discussed this with our development team, and we don't explicitly include PuTTY in SQL Source Control.
    The workaround in these cases would be to link to a working folder and then use a third party tool to push/pull into the repository.

    Thank you,
    Sergio
    Product Support Engineer
    Redgate Software Ltd
    Please see our Help Center for detailed guides on how to use our tools
  • It does support this type of connection. We found that SQL Source Control was using SharpPlink-x64.svnExe which is derived from PuTTY's plink program. Removing the 64-bit version was actually enough to get it to work without having to modify the server so perhaps the 32-bit version was updated at some point and the 64-bit one not.
Sign In or Register to comment.