I want to have a database on my laptop and grant permissions and access to my friends so they can read/write from their home. What I have done so far:
Downloaded MySQL on both devices
set up user and granted permission on the local server using
CREATE USER 'MyUserName'#'%' IDENTIFIED BY 'MyPassword';
GRANT INSERT, SELECT ON *.* TO 'MyUserName'#'%';
FLUSH PRIVILEGES;
tried finding bind-address from my.ini file but there was no such line. I ran
show global variables like 'bind_address'; and I got the value * so I guess it allows remote access.
Restarted MySQL80 service on both devices
Checked that inbound firewall rules allow access to port 3306 (MySQL had already set a few rules so I left them as is)
Tried connecting from remote server using MySQL shell (i got the public IP from icanhazip.com)
\connect MyUserName#<public IP for my server 92.-.-.->
It prompts me for the password but after I enter it I get
MySQL Error 1045: Access denied for user 'MyUserName'#'<the IP address>' (using password: YES)
I tried testing connection using powershell:
test-netconnection -computername -port 3306
but it says:
WARNING: TCP connect to (<IP>) : 3306) failed
WARNING: Ping to <IP> failed with status: TimedOut
I even tried testing connection on the same local computer with the same command (using the public and private IPs) and it failed. I'm not sure where to go from here. I have looked at other similar questions on stack but they all seem to be addressing one of these things that I have done.
There was one more firewall that I forgot about which was on my default gateway. To get around this it really depends on the router but what I did was:
open cmd and type ipconfig and look for Default Gateway
type that IP in my browser and log into my router
find LAN IP Setup and reserve my IP for my device
find the security options and firewall rules and have allow inbound and outbound rules to my private IP and forward the port.
Related
I've currently set up a staging area for my app in Digital Ocean with LAMP stack. The Framework for my app is Laravel 5.5 and Vue 2x.
In development, I've been using remote MySQL and had no issues with the connection error. However, when I moved it to the staging env, it is giving me access denied error. When I looked at it closely to the error log, Access denied is for username#[digital-ocean-droplet-ip], whereas I have properly configured the MySQL credentials to the remote host IP under laravel's config/database file.
So, I am doubtful if I have to do any configuration under Apache to allow any external MySQL connection? I forgot the cmd but I did allow sfw firewall allow to any port 3306 to the remote server IP address in Apache.
Any help is appreciated.
Thanks!
MySQL by default does not create an user with access from remote connections.
First you need to create an user on database that allows connection from outside (%) or a specific IP
CREATE USER 'newuser'#'%' IDENTIFIED BY 'password';
Than give him privileges
GRANT ALL PRIVILEGES ON *.* TO 'newuser'#'%';
The *s could be replaced by your database and table name respectively
You might also check if in your mysql configuration(/etc/mysql/mysql.conf.d/mysqld.cnf in my case) has this line uncommented
bind-address = 127.0.0.1
Change the ip if necessary
restart mysql and apache
sudo service apache2 restart
sudo service mysql restart
Than update the user and password at your .env file and try again!
Background:
I am able to access a mysql instance from some subnets but not others. At least that is what it appears to be.
Machines on network 10.0.21.xx are able to connect to the MySQL instance. But from 10.0.7.xx, I get "Access denied for user using password". Interestingly, MySQL is installed on the same subnet (10.0.7.xx) as the machines that it will not authenticate users from.
Here is the command that I issue.
mysql -u user -h 10.0.7.21 -p
And the error I get is
ERROR 1045 (28000): Access denied for user 'user'#'10.0.7.30' (using password: YES)
I have already checked the /etc/mysql/my.cnf file and made sure that mysqld listens from all IP addresses. I have also checked grant privileges to make sure it is not tied to specific ip addresses.
I'd appreciate if someone can give me additional insight. If you need me to add extra information kindly let me know.
Thanks for reading.
It turns out it was a DNS issue. What led me to go this route is the MySQL Documenation:
If you specify a host name when trying to connect, but get an error message where the host name is not shown or is an IP address, it means that the MySQL server got an error when trying to resolve the IP address of the client host to a name:
One of the solutions it offers is to flush the DNS host cache; in my case I didn't have this table.
Here are recommended fixes from the documentation:
Some permanent solutions are:
Determine what is wrong with your DNS server and fix it.
Specify IP addresses rather than host names in the MySQL grant tables.
Put an entry for the client machine name in /etc/hosts on Unix or
\windows\hosts on Windows.
Start mysqld with the --skip-name-resolve option.
Start mysqld with the --skip-host-cache option.
In my case I added the IP address of our local DNS server to the client's /etc/resolv.cnf file and then restarted network services (service networking restart).
Get the hostname from your error message and add that to your remote sql host access list.
if you error message is Access denied for user 'user'#'10.0.7.30' (using password: YES) then the host name is 10.0.7.30.
Add it to your remote host access list and you should be connected.
I have followed the steps here:
ERROR 1130 (HY000): Host '' is not allowed to connect to this MySQL server
Carried out this activity dozens of times and it worked -- now for some reason it is not
I have done:
Comment out bind-address in my.cnf and restart service
GRANT ALL PRIVILEGES ON . TO 'root'#'%';
FLUSH PRIVILEGES;
The only difference here is that MySQL is running in a VM under VirtualBox and I am connecting to the VM mysql instance via WIndows 7.
SSH and other services work fine...
The passwords are fine as they work when I connect via SSH...
My new modem/router possibly at fault, blocking outgoing or ingoing connections on port 3306???
I assume that traffic from a host to guest still goes through the router...but the thing is...my requests are certainly making to the MySQL server as the log file shows fail requests...
WTF amm I missing???
The error I receive: Error No. 1045
Access denied for user 'root'#'my-desktop' (Using Passowrd: YES)
You also have to edit my.cnf. Change:
bind-address = 127.0.0.1
to
#bind-address = 127.0.0.1
then restart mysql. Also, if you are going to allow outside access, create a user other than root. That's always a bad idea.
By default connection from outside are not allowed for security reasons.
Because exposing your database to the public internet is never a good idea, you will need to whitelist the IP address manually to allow connection.
We have a MySQL server in one of the remote Virtual Machine (Windows Server 2008). Till yesterday we were able to connect to the MySQL server, with the help of workbench installed in our local machine.
Yesterday there was a restart to the machine which has the Virtual Machine installed. After that we are unable to connect to MYSQL. Though I can ping and remote connect this particular VM. I can even execute the queries inside the workbench installed in the VM.
I am not too good at networking or security related stuffs. Please help me to solve this issue.
Error :
Your connection attempt failed for user 'root' from your host to server at ABC:3306: Can't connect to MySQL server on 'ABC' (10060)
Really this could be a magnitude of possible reasons, hopefully this is a start:
Check basic network
From the MySQL virtual machine open up a command prompt and type IPCONFIG /ALL. This will show you all the IP addresses bound to different network adapters.
Check that the IP address you're connected to is listed there, the virtual machine might have got a new IP from DHCP rather than having a static IP after its restart.
Hostname vs IP
You should check the hostname resolution, from your quoted error it would suggest you are you are connecting to a hostname rather than a server IP. Check your machine can resolve to the hostname using the correct IP address - it could also be worth changing the hostname for the actual IP of the server in the connection string.
MySQL config file
You've said you're running MySQL on Windows, it was customary to rename the my.cnf to my.ini. The configuration file for older versions of MySQL previous to 4.1.5 was usually stored in either c:\my.ini or c:\windows\my.ini. For versions after this the default location is the installation directory usually %PROGRAMDATA%\MySQL\MySQL Server xxx.
When you have located the configuration file please open it on Notepad (or similar text editor), locate the [mysqld] section and make sure that port= the port you're trying to connect to and bind-address= the IP address you're trying to connect to.
Server ports
From the MySQL virtual server open a command prompt and type netstat –ano, this will show you a list of processes and what IP's / ports they are listening on. The MySQL server should be listed here and should be listening on the same port and IP as the config file defines.
Windows firewall
You should have a firewall rule to allow MySQL, the following will add one on the default port of 3306
netsh advfirewall firewall add rule name="MySQL Server" action=allow protocol=TCP dir=in localport=3306
Identify if this is machine specific
You could setup the MySQL Workbench application on another workstation and try to connect to identify if this is a global problem or just one related to your specific workstation.
mysql administrator of your database should allow remote connection to the mysql server.
change this in my.cnf:
bind-address = 127.0.0.1 # this shoul be your mysql server ip
and comment this:
# skip-networking
Chances are that your configuration was set up for an IP that has changed. By default, mysql won't let you connect from remote hosts unless you explicitly give permissions for a specific user on a specific schema or a group of schemas, for example if you did something like this:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'1.2.3.4' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Maybe what you actually did was to set the grant onto your own IP address, that is the address of your local machine, and if your local machine (not the remote server) has changed it's IP address, then mysql will not let you connect unless you have the "1.2.3.4" IP address which obviously you don't have anymore if you have a dynamic IP address (common with DSL/Cable connections)
So connect through SSH or Telnet or whatever you use to your windows server and go to mysql as root and do this:
SELECT * from information_schema.user_privileges;
That will show you the grants on all users and how they are allowed to connect. If you don't see your local IP Address listed there or a wildcard (which would allow you to connect from any remote machine to the server) then you have to set it up like this:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Where USERNAME of course is your user. See that after the on there is a wildcard / dot /wildcard that means you want that user to be able to connect to any schema (database, for mysql) from any user from any network. But I'd recommend that you only do the grant for the user for the specific schema you need to connect to.
Then after that, if you actually had the right information and still can't connect than use a portscanner like nmap or something like that to do a port scan and see if mysql is:
Open and listening to external network
Running on the port that you actually want to connect through
If 1 is true, then check 2 because maybe there is a misconfiguration of the port. But if any of these 2 points do work then it sounds definitely not like a network configuration but a user setting or something else.
GRANT ALL ON *.* to user#'%' IDENTIFIED BY 'password';
this command should do the trick for all users #Gustavo Rubio has already given the proper explanation.
To ensure what ports are open run cmd in the virtual machine and type.
netstat -a
TCP 127.0.0.1:3360 Hostname:3360 LISTENING
The my.cnf is located Mysql-install-path\MySQL\MySQL Server xxx make sure you backup original before changing
Can't connect to [local] MySQL server
Testing The MySQL Server Installation on Microsoft Windows
MySQL Workbench: Manage MySQL on Windows Servers the Windows way
For the first time you need to test and make sure your connection to mysql is not blocked by the firewall.
To disable the firewall on each host in your cluster, perform the following steps on each host.
1. Save the existing iptables rule set.
iptables-save > /root/firewall.rules
2. Disable iptables.
For RHEL, CentOS, Oracle, and Debian:
chkconfig iptables off
and
/etc/init.d/iptables stop
For SLES:
chkconfig SuSEfirewall2_setup off
and
rcSuSEfirewall2 stop
For Ubuntu:
service ufw stop
https://www.cloudera.com/documentation/enterprise/5-7-x/topics/install_cdh_disable_iptables.html
Depends on your setup, but if you're using cPanel just go to RemoteMYSQL and enter your host. You can also use a wildcard. Below worked for me when I was getting the error
"Could not connect to DB server '' as user ''. port : Host '' is not
allowed to connect to this MySQL server"
On MySQL v5.6 this may be the case.
When another server communicate by advertising its hostname instead of IP address, the resolution might fails (because your user is using IP address instead of hostname for example).
So, you need to disable the following,
skip-host-cache
skip-name-resolve
Or maybe create the user with appropriate hostname (instead of IP address). You may find the hostname when establishing the connection to the remote MySQL.
I have a remote Server which is running mysql. I have enabled remote access by changing the bind address to the public ip, and commenting the "skip-networking" line. I then used ufw (ubuntu firewall) to open the mysql port 3306
However my client times out when trying to connect to the server. So I test the connection with telnet, and I get the expect response, the same as I get on the local server.
I'm getting no errors, and no response when using a mysql client, but access would appear to be there in telnet.
Can anybody suggest what I've missed?
Thanks
If its not a firewall issue then maybe its a permission problem , try this for the user you use to connect from that host:
CREATE USER 'user'#'host' IDENTIFIED BY 'pass';
GRANT ALL on *.* to 'user'#'host';
FLUSH PRIVILEGES;
UPDATE:
Also check the bind-address from my.cnf file
For example, if you bind to 0.0.0.0, you can connect to the server
using all existing accounts. But if you bind to 127.0.0.1, the server
accepts connections only on that address. In this case, first make
sure that the 'root'#'127.0.0.1' account is present in the mysql.user
table so that you can still connect to the server to shut it down.