1

I'm using the following code to export a copy of MySql database on a remove server using SSH.NET:

using (SshClient client = new SshClient(sshConnectionInfo))
{
    client.Connect();

    //strCmd is:
    //  mysqldump -h "<server>.dreamhosters.com" -u "<dbuser>" -p"<actual_password>" "<dbid>" > "/home/<user_name>/<temp_file_name>.sql"
    //
    //  with <...> parts are obviously filled in with correct credentials
    SshCommand resCmd = client.RunCommand(strCmd);

    //Check result
    string strExpDesc = resCmd.Error;
    if (string.IsNullOrWhiteSpace(strExpDesc))
    {
        Console.WriteLine("Exported OK");
    }
    else
    {
        Console.WriteLine("Error: " + strExpDesc);
    }
}

This worked really well until this month when the shared hosting company (that my database is hosted with) had upgraded their version of Ubuntu server, so the mysqldump command above started returning the following warning:

[Warning] Using a password on the command line interface can be insecure.

Which my script interprets as an error and fails.

I contacted the hosting company, but their tech support was less than useful. They told me to type in the password instead of specifying it in the command line. Thus my questions:

  1. How to use SSH.NET to interact with the remote server via SSH and send it the password after its prompt?

  2. Otherwise, can I mute that warning from my script w/o having access to the server configuration?

c00000fd
  • 20,994
  • 29
  • 177
  • 400

2 Answers2

0

The normal approach to suppressing that warning from MySQL is to put the username and password in an options file, and include the options file in in place of the -u and -p , using the --defaults-extra-file option, e.g. 

mysqldump --defaults-extra-file=/path/config.cnf -h "myhost" "<dbid>"

(NOTE: if it's provided, the --defaults-extra-file option must be first option.)

The file would have the user and password options under the [mysqldump] section, something like:

[mysqldump]
user=jonsnow
password=kn0wsn0thing

The credentials could be provided in the [client] section of the optionas file. Since mysqldump is a "standard client" it reads the [client] section.

[client]
user=alannister
password=alwayspayshisdebts

The options file should be properly protected, since it contains credentials. Read permission should be restricted, only the unix user that is connecting via ssh.

chown sshuser /path/config.cnf
chmod 600 /path/config.cnf

(where sshuser is the username used in the ssh connection)

I think there may also be some specific paths and filenames that are automatically included as options files, if they are found, when mysqldump starts. Similar to how MySQL server finds the my.cnf file when it starts. It might be possible to leverage that, in place of explicit --defaults-extra-file option.

MySQL Reference Manual explains usage of options files here:

https://dev.mysql.com/doc/refman/8.0/en/option-files.html

spencer7593
  • 106,611
  • 15
  • 112
  • 140
0

You can write the credentials to input of the remote mysqldump process. But SSH.NET unfortunately does not support providing an input with the CreateCommand interface.

You have to open a shell session (what is otherwise a not recommended approach for automating a command execution).

Use SshClient.CreateShellStream or SshClient.CreateShell and send the mysqldump command and credentials to its input:

"mysqldump ...\nusername\npassword"

For a sample code see C# send Ctrl+Y over SSH.NET.

See also Providing input/subcommands to a command (cli) executed with SSH.NET SshClient.RunCommand.

Martin Prikryl
  • 188,800
  • 56
  • 490
  • 992