1

I can successfully connect to the remote SSH server with PowerShell using config:

Host *MySSHHost*
  HostName *sshHostName*
  Port *sshPort*
  User *sshUserName*

In my C# code I can successfully connect and disconnect to the SSH server remotely as well.

        try
        {
            client = new SshClient(connectionInfo);
            client.Connect();
            if (client.IsConnected)
            {
                if (forwardedPort == null)
                {
                    forwardedPort = new ForwardedPortLocal("localhost", *sshHostName*, remoteSQlPort);
                    client.AddForwardedPort(forwardedPort);
                    forwardedPort.Start();
                }
                string sqlConnectOverSSH = $"Server = {forwardedPort.BoundHost};Port = {forwardedPort.BoundPort};Database = {remoteSqlDatabaseName};Uid = {*sshUserName*};";
            }
        }
        catch (Exception ex)
        {
            Debug.WriteLine(ex);
        }

This is the SQL connection string that works to connect locally to the SQL Server on the SSH server:

sqlConnect = @"integrated security=SSPI;data source=" + userMachineName + @"\SQLEXPRESS;persist security info=False;initial catalog=" + remoteSqlDatabaseName;

When trying to use the sqlConnectOverSSH string to get data over the SSH tunnel from the remote SQL database, I get the error

System.ArgumentException: Keyword not supported: 'port'

(The SQL ports of the connecting PC and the Server is different.) I am using Renci.SSH.Net

I believe my error is in the connection string?

Dale K
  • 25,246
  • 15
  • 42
  • 71
Allstar
  • 429
  • 2
  • 9
  • 22
  • 3
    If you need integrated security to authenticate the SQL Server connection I don't think this is possible. If you can use SQL Login authentication then set `UID` and `PWD` parameters in the connection string - that's what these parameters are for, not SSH authentication details. – AlwaysLearning Aug 26 '22 at 06:36
  • 1
    The connection string isn't affected by your VPN or SSH. You need to use the correct port. If your network configuration uses a different port, you need to specify it in the connection string. Windows Authentication will only work if the client and server are in the same Active Directory domain though – Panagiotis Kanavos Aug 26 '22 at 09:41
  • 1
    SSH and port forwarding is essentially a hand-rolled VPN minus a lot of security features. You don't need SSH to encrypt SQL Server connections. [Encrypted connections are already supported](https://learn.microsoft.com/en-us/sql/database-engine/configure-windows/enable-encrypted-connections-to-the-database-engine?view=sql-server-ver16). In fact, in the latest Microsoft.Data.SqlClient versions encryption is on-by-default. – Panagiotis Kanavos Aug 26 '22 at 09:44

0 Answers0