Permission denied only with Workbench - mysql

I have a database located on a server and it is working correctly. I can access it from the local server and using phpmyadmin from any server connected to the network.
I would want to use Workbench in order to use its functions but I have tried a lot of possibilities and I'm not able to connect from it.
I have found a lot of solutions but anyone could not help me. For this reason, I'm trying to find someone who can help me with this.
First of all, I want to explain that this database is accessible from phpmyadmin (as I said before) and from webserver (I use database in my web application) so, the trouble of denied remote access is discarded. (with user root)
Furthermore I have looking for the problem and in the log of database server I have could find this:
error: connect to 127.0.0.1 port 3306 failed: Permission denied
channel_by_id: 0: bad id
I have tried to use Workbench with TCP/IP with the IP of the database server by port 3306 and with SSH connecting to webserver (this step is running correctly) and connecting to database with local IP and port 3306.
Furthermore, I have checked if port 3306 was closed and it is opened.
The config (my.cnf) is this:
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
max_allowed_packet=1024M
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
I know that this config is not usual but I have not installed it and I would not want to touch a lot because it is working now and a lot of people is using it.
I have tried too to edit hosts.allow adding the line mysqld: all but it did not work.
What can be the problem? Thanks for your help.
(I have checked Stackoverflow's posts too and I have not been able to find a solution)

you need to configure your mysql to allow remote login. then you can either specified your ip or wildcard * to allow all ip to access the mysql database.
this is the command to grant remote access.
Log in to the database server.
Connect to the MySQL database as the root user.
Enter the following command:
GRANT ALL ON <local database name>.* TO <remote web node username>#<remote web node server ip address> IDENTIFIED BY '<database user password>';
For example,
GRANT ALL ON magento_remote.* TO dbuser#192.0.2.50 IDENTIFIED BY 'dbuserpassword';

Related

Connect to Mysql remotely in centos 6.x server LAMP

despite I've tried everything suggested in the forum I still can't connect to MySQL remotely.
This is my my.cnf file:
[mysqld]
datadir = /var/lib/mysql
socket = /var/lib/mysql/mysql.sock
user=mysql
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
I've tried also adding the line bind-address = 0.0.0.0 but still doesn't work.
Then I deleted it because I've preferred leave the default configuration of my webserver and because I've read that, if is not specified, it is 0.0.0.0 by default.
I have the port 3306 open as you can see from my webmin module:
Linux IPTables Firewall
I've created the MySQL account named 'michele' as you can see from my webimn module User Permissions
and also I granted to michele the permissions for any database Database Permissions
and granted to any host all permissions Host Permissions
To test my remote connection I'm trying to connect from MySQL for excel. that is the error error MySQL fro excel
It is impossible to stabilize the connection. Incorrect response of
the connected party after the time interval or no response from the
connected host MY-IP-SERVER:3306
Also I want to inform you that this is my second attempt to connect remotely. In my first I made it! For a problem that doesn't deal with the remote connection I needed to reinitialize my server and here I am.
The first time I remember that in some configuration file I've put # for comment some line but I don't remember which and if it deal with my problem. Please help me I'm going to be mad!
Michele
I made it!
The problem was for the ipTable rule:
REJECT reject with icmp-host-prohibited
rule
so for solve the problem I deleted it.
on my server shell with root permission:
# sudo iptables -L --line-numbers
find the id rule
and then deleted it:
# sudo iptables -D INPUT 10

Windows mysql workbench can't connect to remote mysql service

I deploy a mysql service on my company remote develop CentOS machine, I'm sure the service is turn on, and it can be access from an other reomte linux machine.
However, I can't connect it from my own Windows PC. I tried mysql workbench client and HeidiSQL client, both failed. I can ping through the remote IP address. I have tried anything I can found on google. Like
add bind-address = 127.0.0.1 to cnf file, and comment out the skip-networking.
I also tried the answer on another question Can't connect to remote server using MySQL Workbench on mac, which allow all machine can access to the service.
But my PC still can't connect to it, which report code 10060 error. So what should I do?
That bind-address = 127.0.0.1 config option means that your mysql server only accepts connections from the localhost, which is your actual CentOS machine. Make sure to set bind-address = 0.0.0.0.
Also, make sure that:
you have connectivity from your windows machine to the CentOS one
no firewall blocks the external connections to the local mysql port
Regarding potential security concerns from opening your mysql instance to the whole internet - first make it work, then make it better
I had the same issue here man,and i discovered that we need to create a user that isnt the root user. I my case, i don't know why yet, the issue was that.
The solution
Steps:
1 - Check the firewall (create a rule for port 3306 or disable it).
2 - Comment the line # bind-address=0.0.0.0 at [mysqld] config optin in C:\ProgramData\MySQL\MySQL Server 5.7\my.ini
3 - Create the user to remote access:
mysql> CREATE USER 'net'#'%' IDENTIFIED BY '123';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'net'#'%' WITH GRANT OPTION;
In my case, solved.

Access remote MySQL server without editing my.conf

I want to connect my Django app (hosted on a VPS) to a database hosted on another server with more memory, so I can run stuff and add things to the database without the risk of it getting killed for using too much memory on my VPS. The things I've seen about this (e.g., How to connect to MySQL server on another host?) all involve editing my.cnf and changing the bind-address line. I a)don't have root privileges to do this, and b)don't want to expose other users' MySQL dbs to potential security risks. I tried editing ~/.my.cnf to change the bind-address thing, but that doesn't seem to work.
I also found http://www.rackspace.com/knowledge_center/article/mysql-connect-to-your-database-remotely, which suggests creating 'user'#'remote-ip-address' and then granting that user permissions. I tried that, but I keep getting ERROR 2003 (HY000): Can't connect to MySQL server on '(the server's address)' (110) when I try mysql -u username -p -h (the server's address).
I have access to the root user for MySQL, but no other admin privileges on the server where I want to set up the database. Is there any way to configure things so Django can access this remote db without directly editing /etc/mysql/my.cnf?
The bind-address doesn't specify which IPs can connect to that server, but which address is MySQL listening to. So, just set it to 0.0.0.0 and it will work. Please make sure you've got a user account with that address. Check mysql.user table.
Addressing the root-access thing:
* If you installed mysql manually, you've got root access.
* If you didn't install mysql manually, but it's a service provided by the VPS hosting, then the bind-address should be 0.0.0.0 (or at least not 127.0.0.1). If it's not the case, contact them because they're screwing up pretty bad.
Hope it helps.
EDIT, CLARIFICATION:
MySQL bind-address is not a security constraint. If you want to allow some addresses to connect to the server you should create/grant users with the that address specified, like this
CREATE USER 'bobdole'#'192.168.10.221';
Rather hacky, but I think this should be possible with MySQL Proxy listening on an unprivileged port on the public IP, proxying all queries to the mysqld which is running locally.

cant access remote mysql server need help

I have a unix server with mysql which I am trying to access from my machine. To clarify, access the mysql server. When I do I get this error.
Connecting to MySQL server 192.168.1.25...
Can't connect to MySQL server on '192.168.1.25' (10061)
Here are my credentials:
username: root
port: 3306
The server is running because I am able to remotely login onto the machine (with ip: 192.168.1.25" and then run mysql from root. What do you think is going on:
Is it a firewall issue?
Accessing as 'root' is being denied?
I am new to mysql.
1)
check the logs
you can see where the logs are by checking the my.cnf file.
mysqld.log might be the file name, but where
2)
a. see if it's a network issue.
telnet 192.168.1.25 3306
b. see if the service is at that port.
ssh to the box
# from the local host
mysql -u root
telnet 127.0.0.1 3306
ps auxw|grep mysql
you should hopefully have enough diagnostic info at this point to figure it out.
Probably because remote root login is not allowed. You can try this article on how to enable remote root:
http://benrobb.com/2007/01/15/howto-remote-root-access-to-mysql/
i have this problem and fix it by
first you must grant all to user
GRANT ALL PRIVILEGES ON databasename. TO 'user'#'%' IDENTIFIED BY 'password';
then
FLUSH PRIVILEGES;
and change the mysql config using
sudo nano /etc/mysql/my.cnf
find "bind-address" row and comment it.
save config and restart mysql using
sudo /etc/init.d/mysql restart
hope solve problem :)
The Message (10061) is do to offline severs or firewall blockage
If you get -the name of your pc - can not connect, then mysql is rejecting the connection and you will have to create a 'user' in the mysql database mysql, table user using the IP of the remote connection', and restart the database service
but for error 10061 check The Firewall in both machines.
Masters PC per say, is the one with the phpmyadmin installation
Allow Destination ip-[the remote] and port 3306 on the Master Machine
and
Allow source ip-[the masters]/with any port, and check your destination port(3306) too. destination ip can also be set on some firewalls.
And if you can, search in your firewall for logs, settings, recent activity, etc... to see what and how you are being blocked.

Unable to login to MySQL 5 remotely

I'm stuck at the seemingly simple task of connecting remotely to MySQL. I inherited the server, so don't know how it was installed. Took a look at /etc/my.cnf (the only my.cnf on the system as far as I can tell) and found
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
user=mysql
# Default to using old password format for compatibility with mysql 3.x
# clients (those using the mysqlclient10 compatibility package).
old_passwords=1
[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
The error I get is
"Unable to connect to host 123.456.789.000 because access was denied. Double-check your username and password and ensure that access from your current location is permitted. MySQL said: Access denied for user 'my_user_name'#'098-765-432-111-mydomain.com' (using password: YES)"
Things I've done:
I added bind-address = 0.0.0.0 to my.cnf and restarted the server. No luck.
Telnetted to the server on port 3306. Got mishmash of text back, which tells me the port is accessible.
Stopped the server and tried to connect again (to see what error I would get). Surprisingly, didn't get a timeout - got the same error as above.
Here's what SELECT User, Host, Password FROM mysql.user WHERE user = 'web_app_user';
+--------------+-----------------------+------------------+
| User | Host | Password |
+--------------+-----------------------+------------------+
| web_app_user | % | 54b4540f7c238486 |
+--------------+-----------------------+------------------+
I've had the same problem long ago, i was caused because my user didn't have the remote right, basically when you log in MySQL you log as username#localhost, but when you are remoting it'll be username#your-isp.com, you need to create a user named username#your-isp.com and use the GRANT method to give him the correct right, this can all be done via phpmyadmin but sadly I can't remember where...
A lot of times, a login is limited to be a local connection. You need to take a look at the user permissions and will likely need to add a record allowing that login and password to connect from a remote location.
On my web servers, I always limit the login to being from localhost, for security purposes.