MySQL/MariaDB 的 SSH 隧道在 MacOS Ventura 上不再起作用,但在 Monterey 上可以正常工作

MySQL/MariaDB 的 SSH 隧道在 MacOS Ventura 上不再起作用,但在 Monterey 上可以正常工作

我一直使用简单的 SSH 隧道从本地 Mac 连接到远程数据库服务器。这在 Monterey 上运行良好,但在 Ventura 上却停止工作。

我设置了公钥,并已验证我可以在两个操作系统上通过 ssh 进入远程服务器,也就是说不是似乎与以下问题有关:Ventura 不再支持某些较旧的 SSH 加密机制但为了确保万无一失,我设置了一个 ED25519 私钥/公钥对,用于连接远程服务器:

debug1: Server accepts key: /Users/xxx/.ssh/id_ed25519 ED25519 SHA256:xxx/U
debug3: sign_and_send_pubkey: using publickey with ED25519 SHA256:xxx/U
debug3: sign_and_send_pubkey: signing using ssh-ed25519 SHA256:xxx/U
debug3: send packet: type 50
debug3: receive packet: type 52
Authenticated to remote_host> ([remote_host>]:<remote_ssh_port>) using "publickey".

以下是重现步骤 - 我使用 18881 作为本地端口:

  1. 建立 SSH 隧道 ssh -p <remote_ssh_port> <remote_ssh_user>@<remote_host> -Nf -L 127.0.0.1:18881:127.0.0.1:3306

  2. 通过 mysql 建立数据库连接 mysql --user=<remote_db_user> --password=<remote_db_password> --host=127.0.0.1 --port=18881

现在,当我运行上述序列时,我在蒙特雷上运行它时得到了 MySQL 提示......

Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 1088
Server version: 10.5.15-MariaDB-0+deb11u1 Debian 11

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

但在 Ventura 上,我只能

ERROR 2002 (HY000): Can't connect to server on '127.0.0.1' (60)

尽管似乎有一个进程正在监听 -netstat -an | grep 18881返回

tcp4       0      0  127.0.0.1.18881        *.*                    LISTEN   

在 Ventura 上运行,而如果我在 Monterey 上运行它,我会看到成功建立的连接:

tcp4       0      0  127.0.0.1.18881        127.0.0.1.61873        ESTABLISHED
tcp4       0      0  127.0.0.1.61873        127.0.0.1.18881        ESTABLISHED
tcp4       0      0  127.0.0.1.18881        *.*                    LISTEN     

当我以详细模式 (-v -v -v) 运行 ssh 隧道时,我看到 Ventura 中什么也没有发生,而在 Monterey,正如预期的那样,我看到

debug1: Connection to port 18881 forwarding to 127.0.0.1 port 3306 requested.
debug2: fd 7 setting TCP_NODELAY
debug3: fd 7 is O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 1: new [direct-tcpip]
debug3: send packet: type 90
debug3: receive packet: type 91
debug2: channel 1: open confirm rwindow 2097152 rmax 32768

但是,我可以建立一个到其他服务的 SSH 隧道,即如果我将 MySQL 端口 3306 与 SSH 端口本身交换并运行

ssh -p <remote_ssh_port> <remote_ssh_user>@<remote_host> -Nf -L 127.0.0.1:18881:127.0.0.1:22

ssh -p 18881 <remote_ssh_user>@127.0.0.1然后我就可以毫无问题地通过 ssh 进入远程机器。

并且...我在使用 MariaDB(mysql Ver 15.1 Distrib 10.9.3-MariaDB,用于 osx10.17 (x86_64) 使用 EditLine 包装器)客户端库时出现了 abobe 错误;我切换到 MySQL(用于 x86_64 上的 macos13.0 的 Ver 8.0.31)...并得到了不同的错误:ERROR 2013 (HY000): Lost connection to MySQL server at 'reading initial communication packet', system error: 0隧道输出如下:

debug1: Connection to port 18881 forwarding to 127.0.0.1 port 12998 requested.
debug2: fd 7 setting TCP_NODELAY
debug3: fd 7 is O_NONBLOCK
debug3: fd 7 is O_NONBLOCK
debug1: channel 1: new [direct-tcpip]
debug3: send packet: type 90
debug3: receive packet: type 91
debug2: channel 1: open confirm rwindow 2097152 rmax 32768
debug2: channel 1: read failed rfd 7 maxlen 32768: Broken pipe
debug2: channel 1: read failed
debug2: chan_shutdown_read: channel 1: (i0 o0 sock 7 wfd 7 efd -1 [closed])
debug2: channel 1: input open -> drain
debug2: channel 1: ibuf empty
debug2: channel 1: send eof
debug3: send packet: type 96
debug2: channel 1: input drain -> closed
debug3: receive packet: type 96
debug2: channel 1: rcvd eof
debug2: channel 1: output open -> drain
debug2: channel 1: obuf empty
debug2: chan_shutdown_write: channel 1: (i3 o1 sock 7 wfd 7 efd -1 [closed])
debug2: channel 1: output drain -> closed
debug3: receive packet: type 97
debug2: channel 1: rcvd close
debug3: channel 1: will not send data after close
debug2: channel 1: send close
debug3: send packet: type 97
debug2: channel 1: is dead
debug2: channel 1: garbage collecting
debug1: channel 1: free: direct-tcpip: listening port 18881 for 127.0.0.1 port 12998, connect from 127.0.0.1 port 55652 to 127.0.0.1 port 18881, nchannels 2

有什么想法我可以做些什么来使 SSH 隧道为 Ventura 上的 MySQL 工作?

相关内容