I can't connect remotely from Nodejs to a MySQL database from a domain. I've searched a lot, my ip is listed in the host list, and I've also checked the MySQL variables and the bind-address is set to *.
And, also, does anyone know why when I try to add a new host for remote mysql connections it says that the % wildcard is not allowed?
With another domain it works just fine.
Please help me figure it out.
Thanks!
You need to check if the port is open from remote by using MySQL workbench or other clients. You can also use telnet in the command line:
telnet {database ip} 3306
If you got a timeout, It seems there is a Firewall or Mysql config not listening remote IPs so call your ISP or hosting provider and ask them for open access.
But if you got "access denied" message or telnet connection was successful, we have something wrong in MySQL user privilege.
Related
I am trying Peewee to connect and retrieve data from a MySQL remote database, but I get the following error:
InternalError: (1130, "Host 'x.x.x.x' is not allowed to connect to this MariaDB server")
Could you help me?
"retrieve data from a MySQL remote database"
"Host is not allowed to connect to this MariaDB server"
Seem to point on a simple problem:
You're not allowed to connect on the DB from "outside".
By default, MySql / MariaDB are only listening on the "inside" of the server, from MariaDb doc :
MariaDB packages bind MariaDB to 127.0.0.1 (the loopback IP address) by default as a security measure using the bind-address configuration directive.
This mean apart for an application that run on the same machine (accessing 127.0.0.1 or localhost), you'll not be able to connect.
Solutions:
SSH tunnelling
This is probably the safest way to allow a connexion on a remote DB.
SSH is a protocol that allow you to connect to a server. It's mainly used on unix server to manage them, but can do a lot more.
How to use it in your case?
if you can connect with SSH to your DB server, then running this simple command on your notebook the will do the trick:
ssh -L 3306:localhost:3306 user#x.x.x.x
Lets explain a bit: first, your run SSH, then, you tell him to enable a port forwarding from your 3306 port to the localhost:3306 port of the server you connect through user#IP.
With this command running, every query from your local machine:3306 will by send to your MariaDB:3306 server, allowing you to use it as if you where on the server.
Allowing a remote-access user
This one is way more dangerous than the previous one. You'll need to take your time and think about every outcome it mean.
As already said, you're not allowed to connect from outside, ssh let you be "inside", but if you know what you do, you can just remove the security.
The point is:
to make an account that'll be able to login from a remote IP,
allow MariaDB to listen on external requests,
and at least, secure other account to disable remote connection.
[I'm not putting the how-to now, if you really need it, I'll update this answer]
I don't know if this is a user error on my end, or if the remote server is configured incorrectly.
I was given some connection info for a server as follows:
Server IP
server username
keyfile
mysql user
mysql password
and I can shell in and run the "mysql" command with the mysql user and password I was given, but I can't setup a connection in either MySQL Workbench or in HeidiSQL.
In MySQL Workbench, the 'Standard TCP/IP over SSH' seemed to best fit the info I was given, but when I try to connect I get "Authentication error. Please check that your username and password are correct and try again." or "Authentication error opening SSH tunnel: Authentication error. Please check that your username and password are correct and try again." in the logfile.
In HeidiSQL the "MySQL (SSH tunnel)" seemed to best fit the info I was given, but when I try to connect there, I get "Lost connection to MySQL server at 'reading initial communication packet', system error:0"
I looked up both these errors and couldn't find anything for the first one, and the second one seemed to be more about server configuration. I'm not too savvy with server config, so I'm a bit stuck evaluating whether or not I'm doing something wrong on my end, or if something needs to be changed on the server. I'd appreciate some advice. Thanks!
You must be more specific about the credentials you got. Is "server IP" the IP address of the MySQL server or an SSH server? Is the "server username" the SSH user or something else (e.g. a regular user of the target machine)? In my tutorial video on Youtube I explained what you have to use where to create a connection, including SSH connections: https://www.youtube.com/watch?v=DCgRF4KOYIY
You have to check a couple configuration steps before you can perform a remote mysql connection:
First of all you must check that mysql default port(3306) is listening on the correct interface.
You can check this out using netstat command in the remote server:
# netstat -tulnp
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1111/mysqld
http://www.cyberciti.biz/tips/how-do-i-enable-remote-access-to-mysql-database-server.html
Then you must check that the remote host is allowed to perform querys into mysql engine (you must check user and host permissions over your database).
Connect into terminal and run the following command in mysql prompt:
mysql> select user,host from mysql.user;
Check the following link to deep insight mysql user and hosts system:
https://dev.mysql.com/doc/refman/5.0/en/adding-users.html
Check user,host permissions over your database:
mysql> show grants for root#localhost;
https://dev.mysql.com/doc/refman/5.1/en/grant.html
You must check that remote host (client) exist for example: user#192.168.1.2
Finally if you are using putty to encrypt over ssh you connection please check that you rsa key fingerprint is added you can perform this just logging ssh using you putty client.
We have a MySQL server in one of the remote Virtual Machine (Windows Server 2008). Till yesterday we were able to connect to the MySQL server, with the help of workbench installed in our local machine.
Yesterday there was a restart to the machine which has the Virtual Machine installed. After that we are unable to connect to MYSQL. Though I can ping and remote connect this particular VM. I can even execute the queries inside the workbench installed in the VM.
I am not too good at networking or security related stuffs. Please help me to solve this issue.
Error :
Your connection attempt failed for user 'root' from your host to server at ABC:3306: Can't connect to MySQL server on 'ABC' (10060)
Really this could be a magnitude of possible reasons, hopefully this is a start:
Check basic network
From the MySQL virtual machine open up a command prompt and type IPCONFIG /ALL. This will show you all the IP addresses bound to different network adapters.
Check that the IP address you're connected to is listed there, the virtual machine might have got a new IP from DHCP rather than having a static IP after its restart.
Hostname vs IP
You should check the hostname resolution, from your quoted error it would suggest you are you are connecting to a hostname rather than a server IP. Check your machine can resolve to the hostname using the correct IP address - it could also be worth changing the hostname for the actual IP of the server in the connection string.
MySQL config file
You've said you're running MySQL on Windows, it was customary to rename the my.cnf to my.ini. The configuration file for older versions of MySQL previous to 4.1.5 was usually stored in either c:\my.ini or c:\windows\my.ini. For versions after this the default location is the installation directory usually %PROGRAMDATA%\MySQL\MySQL Server xxx.
When you have located the configuration file please open it on Notepad (or similar text editor), locate the [mysqld] section and make sure that port= the port you're trying to connect to and bind-address= the IP address you're trying to connect to.
Server ports
From the MySQL virtual server open a command prompt and type netstat –ano, this will show you a list of processes and what IP's / ports they are listening on. The MySQL server should be listed here and should be listening on the same port and IP as the config file defines.
Windows firewall
You should have a firewall rule to allow MySQL, the following will add one on the default port of 3306
netsh advfirewall firewall add rule name="MySQL Server" action=allow protocol=TCP dir=in localport=3306
Identify if this is machine specific
You could setup the MySQL Workbench application on another workstation and try to connect to identify if this is a global problem or just one related to your specific workstation.
mysql administrator of your database should allow remote connection to the mysql server.
change this in my.cnf:
bind-address = 127.0.0.1 # this shoul be your mysql server ip
and comment this:
# skip-networking
Chances are that your configuration was set up for an IP that has changed. By default, mysql won't let you connect from remote hosts unless you explicitly give permissions for a specific user on a specific schema or a group of schemas, for example if you did something like this:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'1.2.3.4' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Maybe what you actually did was to set the grant onto your own IP address, that is the address of your local machine, and if your local machine (not the remote server) has changed it's IP address, then mysql will not let you connect unless you have the "1.2.3.4" IP address which obviously you don't have anymore if you have a dynamic IP address (common with DSL/Cable connections)
So connect through SSH or Telnet or whatever you use to your windows server and go to mysql as root and do this:
SELECT * from information_schema.user_privileges;
That will show you the grants on all users and how they are allowed to connect. If you don't see your local IP Address listed there or a wildcard (which would allow you to connect from any remote machine to the server) then you have to set it up like this:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Where USERNAME of course is your user. See that after the on there is a wildcard / dot /wildcard that means you want that user to be able to connect to any schema (database, for mysql) from any user from any network. But I'd recommend that you only do the grant for the user for the specific schema you need to connect to.
Then after that, if you actually had the right information and still can't connect than use a portscanner like nmap or something like that to do a port scan and see if mysql is:
Open and listening to external network
Running on the port that you actually want to connect through
If 1 is true, then check 2 because maybe there is a misconfiguration of the port. But if any of these 2 points do work then it sounds definitely not like a network configuration but a user setting or something else.
GRANT ALL ON *.* to user#'%' IDENTIFIED BY 'password';
this command should do the trick for all users #Gustavo Rubio has already given the proper explanation.
To ensure what ports are open run cmd in the virtual machine and type.
netstat -a
TCP 127.0.0.1:3360 Hostname:3360 LISTENING
The my.cnf is located Mysql-install-path\MySQL\MySQL Server xxx make sure you backup original before changing
Can't connect to [local] MySQL server
Testing The MySQL Server Installation on Microsoft Windows
MySQL Workbench: Manage MySQL on Windows Servers the Windows way
For the first time you need to test and make sure your connection to mysql is not blocked by the firewall.
To disable the firewall on each host in your cluster, perform the following steps on each host.
1. Save the existing iptables rule set.
iptables-save > /root/firewall.rules
2. Disable iptables.
For RHEL, CentOS, Oracle, and Debian:
chkconfig iptables off
and
/etc/init.d/iptables stop
For SLES:
chkconfig SuSEfirewall2_setup off
and
rcSuSEfirewall2 stop
For Ubuntu:
service ufw stop
https://www.cloudera.com/documentation/enterprise/5-7-x/topics/install_cdh_disable_iptables.html
Depends on your setup, but if you're using cPanel just go to RemoteMYSQL and enter your host. You can also use a wildcard. Below worked for me when I was getting the error
"Could not connect to DB server '' as user ''. port : Host '' is not
allowed to connect to this MySQL server"
On MySQL v5.6 this may be the case.
When another server communicate by advertising its hostname instead of IP address, the resolution might fails (because your user is using IP address instead of hostname for example).
So, you need to disable the following,
skip-host-cache
skip-name-resolve
Or maybe create the user with appropriate hostname (instead of IP address). You may find the hostname when establishing the connection to the remote MySQL.
I'd like to connect to MySQL (deamon is running on my VPS) via HeidiSQL. I've created new user, commented bind-adress option and when I try to connect with it via HeidiSQL, I've got an error 2003: Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (10061).
What should I do?
It could be a number of factors.
See if a firewall is blocking your traffic to the other host
Can you simply ping the host from the client machine?
Can you also open a simple telnet session to the host on port 3306 ?
(If the telnet is accepted, you will probably see some characters appear and you will remain in the telnet session for a few seconds before the connection is closed. If not accepted, you will see the message Connection refused.)
There's a simple checklist for this:
Is your MySQL server bound to "localhost" only? It might be listening for connections only on 127.0.0.1 or ::1 instead of any which is usually 0.0.0.0. Try connecting on your server to your server with mysql --host=host_ip where host_ip is your network IP address. I think the default is localhost-only.
Is port 3306 firewalled? Many distributions allow only SSH by default, so you may need to open this up to your client machine. Try not to open this up to everyone on the internet as having an open MySQL port is asking for trouble. It's always best to limit access to a set of specific IPs if possible.
Can you connect via an SSH tunnel instead? This is far more secure as it means your 3306 port is properly firewalled. There are many tools for creating SSH tunnels, but the basic principle is to forward a local port of your choosing to the remote server's port 3306.
I have access to the database only through phpmyamdin. What can I do to log in via mysql-query-browser or mysql-workbench? I enter my password, username and host to mysql-workbench but there is no connection.
Thank you.
If you do not get an error any message, it sounds like there may be a firewall blocking the request on port 3306. You may also need to ask for privileges for the user/pwd that you are logging into from the host machine you are logging into.
It's possible that mysql is only listening in localhost, so you can't access it with any program that's not on the same machine as the mysql server (and phpmyadmin can access it because it's on the same server).