Connect to Mysql remotely in centos 6.x server LAMP - mysql

despite I've tried everything suggested in the forum I still can't connect to MySQL remotely.
This is my my.cnf file:
[mysqld]
datadir = /var/lib/mysql
socket = /var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
I've tried also adding the line bind-address = 0.0.0.0 but still doesn't work.
Then I deleted it because I've preferred leave the default configuration of my webserver and because I've read that, if is not specified, it is 0.0.0.0 by default.
I have the port 3306 open as you can see from my webmin module:
Linux IPTables Firewall
I've created the MySQL account named 'michele' as you can see from my webimn module User Permissions
and also I granted to michele the permissions for any database Database Permissions
and granted to any host all permissions Host Permissions
To test my remote connection I'm trying to connect from MySQL for excel. that is the error error MySQL fro excel
It is impossible to stabilize the connection. Incorrect response of
the connected party after the time interval or no response from the
connected host MY-IP-SERVER:3306
Also I want to inform you that this is my second attempt to connect remotely. In my first I made it! For a problem that doesn't deal with the remote connection I needed to reinitialize my server and here I am.
The first time I remember that in some configuration file I've put # for comment some line but I don't remember which and if it deal with my problem. Please help me I'm going to be mad!
Michele

I made it!
The problem was for the ipTable rule:
REJECT reject with icmp-host-prohibited
rule
so for solve the problem I deleted it.
on my server shell with root permission:
# sudo iptables -L --line-numbers
find the id rule
and then deleted it:
# sudo iptables -D INPUT 10

Related

Cannot connect to MySQL installed on GCP Virtual Machine

I've installed MySQL on a Google Cloud Virtual Machine (debian buster). What I want to do is to make this accessible publicly (using username / password obviously).
As far as I can tell the server is visible from the outside world, as I can ping the IP and I get results, and I think I've set up a user correctly and given the appropriate permissions so I can log in.
For info, my firewall settings on GCP look like this (this is just the egress, there is one exactly the same for ingress):
Which I'm assuming is correct and leaves the correct port open?
The issue I have when I use MySQL Workbench is that when I try to create a new connection, it gives me the following error:
Your connection attempt failed for user 'username' to the MySQL server at [my ip address]:3306:
Unable to connect to localhost
Please:
1 Check that MySQL is running on address [my ip address]
2 Check that MySQL is reachable on port 3306 (note: 3306 is the default, but this can be changed)
3 Check the user username has rights to connect to [my ip address] from your address (MySQL rights define what clients can connect to the server and from which machines)
4 Make sure you are both providing a password if needed and using the correct password for [my ip address] connecting from the host address you're connecting from**
Any pointers would be gratefully received.
Update: What is really confusing me is the 'Unable to connect to localhost' error. I'm not trying to connect to localhost...?
Update 2: As per comments, results of the following commands:
Note I am trying to connect using the matprichardson username. The svc2toria user is pointing to my own IP address.
Mat, If you want to use your Google Cloud Instance Database using your MySQL workbench. I suggest you connect to it through an SSH tunnel. So, this problem won't happen. I also ran into this problem several times. Connecting through SSH made the job done.
But if your need is something else, this would not help you at all. If your only purpose is managing your database from your local machine using the MySQL workbench. This will work nicely. Create a USER in your Debian VM. and open port 22 to the public. Also, make sure to have strong credentials or a better key file when connecting through SSH. This method is working for every cloud VM database. I'm using this method for G-Cloud, Azure, and AWS. After all of your work is done. Close port 22 (SSH).
My best guess will be because of number 2. "Check that MySQL is reachable on port 3306 (note: 3306 is the default, but this can be changed)".
Your Virtual Machine will have network security controls / firewall which will be blocking port 3306 by default.
I don't use Google cloud but I believe you are looking for "network details" -> "Firewall rules".
did you change your mysqld.cnf already?
bind-address = 0.0.0.0
As none of the suggestions posted worked I went for the rather more nuclear option of deleting and rebuilding my VM and setting MySQL up again from scratch. I must have done something wrong in my initial setup, as things worked without any issues at all once I’d done this.
The location of the MySQL configuration file differs depending on the distribution.
In Ubuntu and Debian the file is located at /etc/mysql/mysql.conf.d/mysqld.cnf
while in Red Hat based distributions such as CentOS, the file is located at /etc/my.cnf
Open the file with your text editor :
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Search for a line that begins with bind-address and set its value to the IP address on which a MySQL server should listen.
By default, the value is set to 127.0.0.1 (listens only in localhost).
In this example, we’ll set the MySQL server to listen on all IPv4 interfaces by changing the value to 0.0.0.0
bind-address = 0.0.0.0
# skip-networking
If there is a line containing skip-networking, delete it or comment it out by adding # at the beginning of the line.
In MySQL 8.0 and higher, the bind-address directive may not be present. In this case, add it under the [mysqld] section.
Once done, restart the MySQL service for changes to take effect. Only root or users with sudo privileges can restart services.
To restart the MySQL service on Debian or Ubuntu, type:
sudo systemctl restart mysql
On RedHat based distributions like CentOS to restart the service run:
sudo systemctl restart mysqld
For more Detail Read Here

Can't connect to MySQL DB remotely

I keep trying to connect to my MySQL Database use POPSQL, and I keep getting the error code ECONNREFUSED (Error Connection Refused) M.Y.I.P:3306, and I can't figure out why. The set up is a follows:
I'm running Plesk, on Cent OS, which uses a MySQL DB (Maria), which I normally connect to using PHPMyAdmin using the Plesk interface.
Now I'm trying to connect to it using this POPSQL, but I've not been able to connect remotely using any applications.
My troubleshooting:
1: Restart Server: Many times, and after each change.
2: Check firewall: It's enabled, running, and port 3306 is open (I also tried connecting over SSH, which I can do in a terminal, but not POPSQL or any other SQL Connection software)
3: Check Plesk Config: Credentials are right, remote connections are allowed through any host Plesk DB config
4: Check Maria config, bind address is 0.0.0.0 instead of 127.0.0.1
[mysqld]
bind-address = 0.0.0.0
local-infile=0
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
# Settings user and group are ignored when systemd is used.
# If you need to run mysqld under a different user or group,
# customize your systemd unit file for mariadb according to the
# instructions in http://fedoraproject.org/wiki/Systemd
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
#
# include all files from the config directory
#
!includedir /etc/my.cnf.d
My knowledge of DB troubleshooting ends there, so if you have any ideas or recommendations as to whats going on and how to fix it please let me know. Again, I'm pretty new to all of this so I'm sure it's just a simple mistake, but an extra set of eyes would be extremely helpful.
I'm not good with firewalls and that shows.
I was editing the default firewall zone "public" instead of "plesk," the one controlling traffic for this server.
For future reference:
1: Check what zones are active.
firewall-cmd --get-active-zones
2: Edit the active zone
firewall-cmd --zone=plesk **OR whatever your zone is called** --add-port=3306/tcp --permanent
2.5: Make sure it says success
firewall-cmd --zone=plesk --add-port=3306/tcp --permanent
success
3: Reload firewall
firewall-cmd --reload
Credit to Bernd Buffen for pointing me in the right direction.
Don't forget the basics!

Permission denied only with Workbench

I have a database located on a server and it is working correctly. I can access it from the local server and using phpmyadmin from any server connected to the network.
I would want to use Workbench in order to use its functions but I have tried a lot of possibilities and I'm not able to connect from it.
I have found a lot of solutions but anyone could not help me. For this reason, I'm trying to find someone who can help me with this.
First of all, I want to explain that this database is accessible from phpmyadmin (as I said before) and from webserver (I use database in my web application) so, the trouble of denied remote access is discarded. (with user root)
Furthermore I have looking for the problem and in the log of database server I have could find this:
error: connect to 127.0.0.1 port 3306 failed: Permission denied
channel_by_id: 0: bad id
I have tried to use Workbench with TCP/IP with the IP of the database server by port 3306 and with SSH connecting to webserver (this step is running correctly) and connecting to database with local IP and port 3306.
Furthermore, I have checked if port 3306 was closed and it is opened.
The config (my.cnf) is this:
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
max_allowed_packet=1024M
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
I know that this config is not usual but I have not installed it and I would not want to touch a lot because it is working now and a lot of people is using it.
I have tried too to edit hosts.allow adding the line mysqld: all but it did not work.
What can be the problem? Thanks for your help.
(I have checked Stackoverflow's posts too and I have not been able to find a solution)
you need to configure your mysql to allow remote login. then you can either specified your ip or wildcard * to allow all ip to access the mysql database.
this is the command to grant remote access.
Log in to the database server.
Connect to the MySQL database as the root user.
Enter the following command:
GRANT ALL ON <local database name>.* TO <remote web node username>#<remote web node server ip address> IDENTIFIED BY '<database user password>';
For example,
GRANT ALL ON magento_remote.* TO dbuser#192.0.2.50 IDENTIFIED BY 'dbuserpassword';

No able to connect remote mysql database

I'm trying to connect on my mysql database when I'm not on localhost - on localhost it's working. Everytime I wish to connect, I don't have any error, but only a timeout exec...
Here is what I've done so far
create a user on mysql who can access to any hosts("%")
purge the iptables
my port 3306 is opened (see screenshot)
the bind-address line is 0.0.0.0 in the mysqld.cnf file - I even tried to put in it comment - please note my.cnf sends to the mysqld.cnf file.
of course for every modification I've restarted the mysql server - and the server itself...
no firewall are setup...
I'm on Ubuntu 16.04 LTS, mysql and phpmyadmin are setup on it.
What I'm missing ?
Thank you for your help
Bastien
After you changed the bind address you restarted with systemctl restart mysql.service, yes?
Here's a very similar situation, try following all of these steps: Remote Connections Mysql Ubuntu
I think the flush privileges step will be a help to you.

Remote Mysql access

I have problem to connect remote LAN MYSQL. While try following commands it shows the following error.
$ mysql -u root -h 192.168.1.15 -p
mysql> GRANT ALL test.* TO root'192.168.1.15' IDENTIFIED BY '';
ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.1.15' (10060)
If you have full access to your server (root privileges required):
Step 1: edit my.cnf (usually located in /etc)
Find the following line: [mysqld] and make sure line skip-networking is commented (or remove line) and add following line:
bind-address=YOUR-SERVER-IP
For example, if your MySQL server IP is 66.166.170.28 then entire block should be look like as follows:
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
language = /usr/share/mysql/English
bind-address = 66.166.170.28
# skip-networking
.......
Where
bind-address : IP address to bind to.
skip-networking : Don’t listen for TCP/IP connections at all. All interaction with mysqld must be made via Unix sockets. This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.
Step 2: Grant access to all hosts
Start the MySQL monitor with this command: mysql or /usr/local/mysql/bin/mysql. Your shell prompt should now look like this: mysql>. Run this command:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY "PASSWORD";
Where:
USERNAME is the username that you use when connecting using your php script.
PASSWORD is the password you use when connecting.
You now must flush MySQL's privileges. Run this command:
FLUSH PRIVILEGES;
Run this command to exit MySQL:
exit;
Step 3: restart mysql deamon
/etc/init.d/mysqld restart
or
/etc/init.d/mysql restart
depending on what linux distro is your server currently running.
You should also check that your MySQL server has been configured to accept remote TCP connections.
In your MySQL configuration file (my.cnf), you need the following at least:
port = 3306 # Port MySQL listens on
bind-address = 192.168.1.15 # IP address of your server
# skip-networking # This should be commented out to enable networking
The default in some configurations is for the bind-address to be 127.0.0.1, or to skip networking completely, which means only local or unix socket connections are possible. This is for security reasons.
You can also configure the bind-address to be 0.0.0.0 which means it will bind on all IP addresses on the server.
And lastly, check your firewall configuration to allow port 3306.
GRANT ALL ON test.* TO 'root'#'192.168.1.15' IDENTIFIED BY '';
Comment the line below in file /etc/mysql/my.cnf
# bind-address = 127.0.0.1
And add (any)host permission to login(maybe root) on mysql server.
Hard way: you need insert in mysql.host table...
Easy way: use MySQL Administrator->User Administration->Choose user->(Right mouse click)Add host->Select "Any host"
Finally restart server:
/etc/init.d/mysql restart
PS:
Default install aptitude
mysql version: MySQL 5.1.57-1~dotdeb.0
Linux Debian 6 Squeeze
As above, getting rid of "skip-networking" in my.cnf need to be done.
However, on some configurations, that is over-ridden by SKIP="--skip-networking" in a start-up file, such as rc.mysqld. So take that out also.
Does hosts.allow permit one machine to talk to the other in any case?
And leave us not forget the actual documentation.
Just thought I'd throw in another suggestion here...
Some MySQL GUI tools (Sequel Pro for Mac and EMS SQL Manager for Windows) allow MySQL connections through SSH tunnelling. This means you don't have to grant extra privileges. I have found this to be the fastest way of getting remote access to MySQL databases that I administer.