ETIMEDOUT when connecting to MYSQL

I have used retool for a year not but today all my apps failed because of ETIMEDOUT error. i deleted the old connection thinking it would solve anything but nothing. Anyone kindly help . thanks in advance

Screenshot 2022-12-12 at 3.48.53 PM

Hey @jakinda1! Can you take a look at the IP addresses you have whitelisted on your resource as mentioned here? As mentioned in the screenshot Scott shared there's also a checkbox you can use to switch to the legacy IPs for the moment. If neither of those options work let us know!

I have the same problem, my ressource use SSH tunneling but Wpmudev doesn't support anymore SSH RSA 1, they say that nows the ssh key should be Ed25519.

Is there a way to get that with our Retool connections?

Doesn't anybody have an idea about how I can connect a database throw SSH when rsa is forbidden?
(In French, I hope my English is clear and kind :-))

Is there something I can do to help to help me? :smiley:

Hey @Floo!

Unfortunately, it looks like SSH keys are currently only generated using RSA the only workaround I'm aware of involves enabling RSA keys on the resource side (example). I'm personally not very familiar with Wpmudev and the only docs I'm finding suggest generating RSA keys as well - it may be helpful if you could share additional documentation you're referencing as context!

That being said, it sounds like the only solution at the moment might be to wait for a fix from our end. There's already an internal feature request open to support Ed25519 keys in SSH tunnels and we'll try an let you know here if it gets picked up and included!

1 Like

Hi @Kabirdas,

Thank you for your answer !
Sorry for the delay in my response.
You are right for the RSA keys in the Wpmudev documentation.

But the support said me that about Retool Ed25519 keys :

If they don’t offer it, maybe there could be some newer cert SSH-RSA key as long as it’s not RSA 1 version – that should, theoretically, work fine too.

Is your RSA key is in version 1?

Ahh I see, yes, Retool currently uses RSA SHA-1 keys, the internal request is to upgrade from using that algorithm (folks over here are also aware of its known vulnerabilities). Sorry to not have a better answer for you!

1 Like