I have installed MySQL Community Edition 5.5 on my local machine and I want to allow remote connections so that I can connect from external source.
How can I do that?
That is allowed by default on MySQL.
What is disabled by default is remote root access. If you want to enable that, run this SQL command locally:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
FLUSH PRIVILEGES;
And then find the following line and comment it out in your my.cnf file, which usually lives on /etc/mysql/my.cnf on Unix/OSX systems. In some cases the location for the file is /etc/mysql/mysql.conf.d/mysqld.cnf).
If it's a Windows system, you can find it in the MySQL installation directory, usually something like C:\Program Files\MySQL\MySQL Server 5.5\ and the filename will be my.ini.
Change line
bind-address = 127.0.0.1
to
#bind-address = 127.0.0.1
And restart the MySQL server (Unix/OSX, and Windows) for the changes to take effect.
After doing all of above I still couldn't login as root remotely, but Telnetting to port 3306 confirmed that MySQL was accepting connections.
I started looking at the users in MySQL and noticed there were multiple root users with different passwords.
select user, host, password from mysql.user;
So in MySQL I set all the passwords for root again and I could finally log in remotely as root.
use mysql;
update user set password=PASSWORD('NEWPASSWORD') where User='root';
flush privileges;
Just a note from my experience, you can find configuration file under this path /etc/mysql/mysql.conf.d/mysqld.cnf.
(I struggled for some time to find this path)
In my case I was trying to connect to a remote mysql server on cent OS. After going through a lot of solutions (granting all privileges, removing ip bindings,enabling networking) problem was still not getting solved.
As it turned out, while looking into various solutions,I came across iptables, which made me realize mysql port 3306 was not accepting connections.
Here is a small note on how I checked and resolved this issue.
Checking if port is accepting connections:
telnet (mysql server ip) [portNo]
Adding ip table rule to allow connections on the port:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
Would not recommend this for production environment, but if your iptables are not configured properly, adding the rules might not still solve the issue. In that case following should be done:
service iptables stop
Hope this helps.
All process for remote login. Remote login is off by default.You need to open it manually for all ip..to give access all ip
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password';
Specific Ip
GRANT ALL PRIVILEGES ON *.* TO 'root'#'your_desire_ip' IDENTIFIED BY 'password';
then
flush privileges;
You can check your User Host & Password
SELECT host,user,authentication_string FROM mysql.user;
Now your duty is to change this
bind-address = 127.0.0.1
You can find this on
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
if you not find this on there then try this
sudo nano /etc/mysql/my.cnf
comment in this
#bind-address = 127.0.0.1
Then restart Mysql
sudo service mysql restart
Now enjoy remote login
Please follow the below mentioned steps inorder to set the wildcard remote access for MySQL User.
(1) Open cmd.
(2) navigate to path C:\Program Files\MySQL\MySQL Server 5.X\bin and
run this command.
mysql -u root -p
(3) Enter the root password.
(4) Execute the following command to provide the permission.
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'IP' IDENTIFIED BY
'PASSWORD';
USERNAME: Username you wish to connect to MySQL server.
IP: Public IP address from where you wish to allow access to MySQL
server.
PASSWORD: Password of the username used.
IP can be replaced with % to allow user to connect from any IP
address.
(5) Flush the previleges by following command and exit.
FLUSH PRIVILEGES;
exit;
or \q
I had to this challenge when working on a Java Project with MySQL server as the database.
Here's how I did it:
First, confirm that your MySQL server configuration to allow for remote connections. Use your preferred text editor to open the MySQL server configuration file:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Scroll down to the bind-address line and ensure that is either commented out or replaced with 0.0.0.0 (to allow all remote connections) or replaced with Ip-Addresses that you want remote connections from.
Once you make the necessary changes, save and exit the configuration file. Apply the changes made to the MySQL config file by restarting the MySQL service:
sudo systemctl restart mysql
Next, log into the MySQL server console on the server it was installed:
mysql -u root -p
Enter your mysql user password
Check the hosts that the user you want has access to already. In my case the user is root:
SELECT host FROM mysql.user WHERE user = "root";
This gave me this output:
+-----------+
| host |
+-----------+
| localhost |
+-----------+
Next, I ran the command below to grant the root user remote access to the database named my_database:
USE my_database;
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'my-password';
Note: % grants a user remote access from all hosts on a network. You can specify the Ip-Address of the individual hosts that you want to grant the user access from using the command - GRANT ALL PRIVILEGES ON *.* TO 'root'#'Ip-Address' IDENTIFIED BY 'my-password';
Afterwhich I checked the hosts that the user now has access to. In my case the user is root:
SELECT host FROM mysql.user WHERE user = "root";
This gave me this output:
+-----------+
| host |
+-----------+
| % |
| localhost |
+-----------+
Finally, you can try connecting to the MySQL server from another server using the command:
mysql -u username -h mysql-server-ip-address -p
Where u represents user, h represents mysql-server-ip-address and p represents password. So in my case it was:
mysql -u root -h 34.69.261.158 -p
Enter your mysql user password
You should get this output depending on your MySQL server version:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.31 MySQL Community Server (GPL)
Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
Resources: How to Allow Remote Connections to MySQL
That's all.
I hope this helps
Close comment at link /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/my.cnf:
bind-address = 127.0.0.1 =>> #bind-address = 127.0.0.1
Change the hostname so that all machines can access it, run this SQL command locally:
UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='root';
FLUSH PRIVILEGES;
Restart service:
sudo service mysql restart
Open port mysql:
sudo ufw allow 3306
If your MySQL server process is listening on 127.0.0.1 or ::1 only then you will not be able to connect remotely. If you have a bind-address setting in /etc/my.cnf this might be the source of the problem.
You will also have to add privileges for a non-localhost user as well.
If you installed MySQL from brew it really does only listen on the local interface by default. To fix that you need to edit /usr/local/etc/my.cnf and change the bind-address from 127.0.0.1 to *.
Then run brew services restart mysql.
Just F.Y.I
I pulled my hair out with this problem for hours.. finally I call my hosting provider and found that in my case using a cloud server that in the control panel for 1and1 they have a secondary firewall that you have to clone and add port 3306. Once added I got straight in..
For whom it needs it, check firewall port 3306 is open too, if your firewall service is running.
This blog How to setup a MySQL server on Local Area Network will be useful in setting up a MySQL from scratch
If mysqld has a bind address set to a loopback/local address (e.g. 127.0.0.1), the server will not be reachable from remote hosts, because a loopback interface cannot be reached from any remote host.
Set this option to 0.0.0.0 (:: for IPv4+6) to accept connections from any host, or to another externally-reachable address if you want to only allow connections on one interface.
Source
And for OS X people out there be aware that the bind-address parameter is typically set in the launchd plist and not in the my.ini file. So in my case, I removed <string>--bind-address=127.0.0.1</string> from /Library/LaunchDaemons/homebrew.mxcl.mariadb.plist.
Enabling remote root access can be dangerous. It would be preferable if you were to set up user accounts with more restrictive permissions. The following three steps should do it.
Ensure that the line starting with bind-address ... is at least commented out in your my.ini or my.cnf file. If it doesn't exist, move on.
You can find this file in C:\ProgramData\MySQL\MySQL Server 8.0 on Windows.
Afterwards, check that the user account you are establishing the connection with does not have localhost in the Limit to Hosts Matching field. While it isn't recommended, you can instead put % in that field for testing purposes. You can do this by opening a local connection to the server with MySQL Workbench, then going to Server>Users and Privileges from the menu bar and finding the user account you want to connect with.
The "Limit to Hosts Matching" field is what disallows you to connect non-locally. I.e. it limits the accepted connections to a pattern of IP addresses. Ideally, you should be accessing the MySQL server from a static IP address or subnet, so that you can be as restrictive as possible.
Obviously, your firewall should allow the MySQL Server application to communicate over the port you want. The physical networking equipment in between you and your server should allow communication on the port you want to connect with. (port 3306 typically)
MySQL 8 no longer allows you to create a user using the GRANT command. You need to create the user first.
CREATE USER 'root'#'%' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
some times need to use name of pc on windows
first step) put in config file of mysql:
mysqld.cnf SET bind-address= 0.0.0.0
(to let recibe connections over tcp/ip)
second step) make user in mysql, table users, with name of pc on windows propierties, NOT ip
Check remote server grant permission to Wildcard access to port 3306:
sudo lsof -i -P -n | grep LISTEN
It should NOT be same like this:
mysqld 23083 mysql 21u IPv4 145900142 0t0 TCP
127.0.0.1:3306 (LISTEN)
In this case, we need to update /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/mariadb.conf.d/50-server.cnf with:
bind-address = 127.0.0.1 --> 0.0.0.0
And then restart mysql "sudo service mysql restart"
In order to test mySQL connection from a client:
nc -vz <host_address> 3306
I am trying to connect to mySQL database on a different machine. And the mysql is running on a container.
I used given bridge network ip address generated for docker container to access mysql from different machine(on same wifi network).
before that i have granted access to host IP address by running below commands in mysql console.
GRANT ALL PRIVILEGES ON *.* TO 'root'#'172.x.x.x' IDENTIFIED BY 'root' WITH GRANT OPTION;
flush privileges;
also updated /etc/mysql/my.cnf file
bind-address = 127.0.0.1
bind-address = 172.x.x.x
when i tried to execute with mysql -u root -h 172.17.0.1 -p it is giving
ERROR 1130 (HY000): Host '172.x.x.x' is not allowed to connect to this MySQL server
Is anything i am missing?
You need to add the line below and remove other bind-address configuration in order to be able to receive connections from localhost and other available interfaces :
bind-address = 0.0.0.0
I am trying to configure my server to allow remote connections.
From what I understand I need to uncomment bind-address 127.0.0.1 in the my.cnf file, then restart mysql.
That hasn't worked.
I have also tried changing it to bind-address 0.0.0.0.
That hasn't worked either.
When I try to remotely connect using SQLpro, I get the following error:
MySQL said: Can't connect to MySQL server on '54.444.33.4' (4)
Can anybody offer any other solutions?
Thanks.
First of all; to be able to remotely access your database remotely from another computer etc. You have to give an IP which is either Private or Public and do configurations according to that. In this case, I'll tell you how to do it in LAN :
Do a full fresh installation of MySQL with below commands :
sudo apt-get update
sudo apt-get mysql-server
sudo mysql_install_db
sudo mysql_secure_installation
At the last command, determine a password and press "ENTER" to all other questions it asks during installation to make them default settings.
Go and open terminal and type the command below :
ifconfig
You'll see the Private IP that the router gives you from here, should be something like ex : 192.168.1.10
After you acquire the IP, open the /etc/mysql/mysql.cnf file and change the bind adress to the IP you've acquired, in this case :
bind-address= 192.168.1.10
Restart the server via,
sudo service mysql restart
After this case, I'll give you some tips for Security. Never allow your root user remotely accessible, that is just unsecure. Type the below commands to make another admin user access the Server from anywhere :
mysql -u root -p
(It will ask you password of mysql root user, type it in and get into mysql line)
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
CREATE USER 'username'#'IP ADDRESS' IDENTIFIED BY 'password';
I usually give SELECT, UPDATE, DELETE, INSERT to a remote user, but you can give all privileges as well, I'll give you commands for both :
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
GRANT SELECT,INSERT,DELETE,UPDATE ON *.* TO 'username'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit;
After all these, restart the service once more and you can connect to your MYSQL Server from any computer connected to the network. Cheers!
I'm having trouble opening a up my MYSQL server to ALL remote connections. I have followed many online guides and appear to have something wrong. Perhaps SO could provide guidance? My server details are as follows:
Ubuntu 12.04 Server,
MYSQL Ver 14.14 Distrib 5.5.34, for debian-linux-gnu (x86_64) using readline 6.2
/etc/mysql/my.cnf: Other stuff too, but importantly the bind-address...
bind-address = 0.0.0.0
my.conf has the following permissions:
-rw-r--r-- 1 root root 3516 Jan 31 17:12 my.cnf
The server isn't blocked because:
telnet myDomain.com 3306
prompts for my native mysql password.
MYSQL Queries
CREATE USER 'myUser'#'%' IDENTIFIED BY 'myPASSWORD';
GRANT INSERT
ON db.table_v
TO 'myUser'#'%'
IDENTIFIED BY 'myPASSWORD';
FLUSH PRIVILEGES;
Permissions from show grants for 'myUser'#'%';
GRANT USAGE ON . TO 'myUser'#'%' IDENTIFIED BY PASSWORD '****************'
GRANT INSERT ON db.table_v TO 'myUser'#'%'
I also restarted my server
PROBLEM:
mysql -h myDomain.com -u myUser -p
Enter password:
ERROR 1045 (28000): Access denied for user 'myDomain'#'***MYIPADDRESS***' (using password: YES)
I am also not able to login locally with any user where the host is not specifically local, such as '%' or my home IP.
this is interesting if not typo:
Access denied for user 'myDomain'
are you trying to use your domain name as username? there should be myUser instead of myDomain cause you give remote permissions to myUser only.
also in:
mysql -h myDomain.com -u myUser -p
-h means the host where mysql server resides, not your user's current host. so trying anything other then "localhost" when you're locally trying to connect the database surely gives error cause you are trying to connect a database you are not intend to. suppose you are connected to mysql server locally and typed the above line; this command will try to connect the server at myDomain.com with the user myUser and password you provide. if the permissions you defined are where you run this command, you'll get that access denied error cause you are connecting to a different server.
I think the problem is the location of the .cnf file where you specify the bind-address attribute.
Most guides and tutorials say the file is /etc/mysql/my.cnf but after many tries I realized that the correct place was in mysqld.cnf file under mysqld profile.
Try to include the bind-address attribute there.
To check if this worked for you type "netstat -lt" and find if the local address of mysql process is 0.0.0.0:3306.
Then check again yor connection
You need also create local user account
CREATE USER 'myUser'#'localhost' IDENTIFIED BY 'myPASSWORD';
MySQL Manual | Adding users
I don't advise usage such unsecure statements as
GRANT ALL ON *.* TO 'myuser'#'%';
It creates superuser e.g. grants privileges to all databases for all operations.
May I ask why you need direct access to MySQL? MySQL should really only listen to localhost, but you can access easily using SSH.
If using Windows, Putty allows you to establish an SSH connection to the host, and then forward 3306 localhost traffic to your own computer.
Better still, programs like SQLyog allow SSH tunnel connections to MySQL which is how I usually connect (unless the servers are on a VPN).
Are you using this server for development or does it have a public IP address?
please post the result of
nmap ***MYIPADDRESS***
and
nmap localhost
and
nmap MyDomain
if you do not have nmap install it from apt, then I can help you more.