Allowing remote connections to MySQL in Ubuntu Server - mysql

I am experiencing some difficulties to configure MySQL Server and allow remote connections. I am currently using Ubuntu Server 16.04 and the latest MySQL version. This is a Virtual Private Server (VPS) from VpsDime (I apologize if this is not relevant). Everything i have done has been accomplished by SSH protocol using the root user.
This is the error Workbench throws me when I try to connect to MySQL:
Your connection attempt failed for user 'globalAdmin' from your host server at <IP>:3306:
Can't connect to MySQL server on '<ServerIP>' (10060).
I have been following and reading tutorials to configure it at this point. So, the relevant things i have done for this are:
Install the latest version of MySQL
Create a user granting full privileges for local and outsiders by this way:
CREATE USER 'myuser'#'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypass';
GRANT ALL ON *.* TO 'myuser'#'localhost';
GRANT ALL ON *.* TO 'myuser'#'%';
I modified the MySQL configuration file /etc/mysql/mysql.conf.d/mysqld.cnf using nano. The change i made was replacing this:
bind-address = 127.0.0.1
For this:
bind-address = 0.0.0.0
This is to allow remote connections, this was suppose to be done in my.cnf file, but i modified another file based on the first answer here: https://askubuntu.com/questions/699903/why-is-etc-mysql-my-cnf-empty
Also i added the following two lines in my file.
[mysqld]
bind-address = 0.0.0.0
Finally, using UFW I am allowing the port 3306 and 3306/tcp. Using the command sudo ufw status I am getting this (i am showing only the relevant):
3306 (v6) ALLOW Anywhere (v6)
3306/tcp (v6) ALLOW Anywhere (v6)
Which as far I know is all I need to connect remotely.
The way I am connecting to MysQL server is by MySQLWorkbench for Windows, Connection Method: Standard(TCP/IP) using my server ip address, default port (3306), the "globaAdmin" user I created as mentioned before without Schema.
---The following MAY NOT be relevant---
Im having the same issue for MongoDB, it is funny because I also installed MS SQL Server 2017 and the only thing i did to connect remotely was open ports for it with the UFW tool.

Related

Access Denied for User 'username'#'IP' error - digtal ocean

I've currently set up a staging area for my app in Digital Ocean with LAMP stack. The Framework for my app is Laravel 5.5 and Vue 2x.
In development, I've been using remote MySQL and had no issues with the connection error. However, when I moved it to the staging env, it is giving me access denied error. When I looked at it closely to the error log, Access denied is for username#[digital-ocean-droplet-ip], whereas I have properly configured the MySQL credentials to the remote host IP under laravel's config/database file.
So, I am doubtful if I have to do any configuration under Apache to allow any external MySQL connection? I forgot the cmd but I did allow sfw firewall allow to any port 3306 to the remote server IP address in Apache.
Any help is appreciated.
Thanks!
MySQL by default does not create an user with access from remote connections.
First you need to create an user on database that allows connection from outside (%) or a specific IP
CREATE USER 'newuser'#'%' IDENTIFIED BY 'password';
Than give him privileges
GRANT ALL PRIVILEGES ON *.* TO 'newuser'#'%';
The *s could be replaced by your database and table name respectively
You might also check if in your mysql configuration(/etc/mysql/mysql.conf.d/mysqld.cnf in my case) has this line uncommented
bind-address = 127.0.0.1
Change the ip if necessary
restart mysql and apache
sudo service apache2 restart
sudo service mysql restart
Than update the user and password at your .env file and try again!

Windows mysql workbench can't connect to remote mysql service

I deploy a mysql service on my company remote develop CentOS machine, I'm sure the service is turn on, and it can be access from an other reomte linux machine.
However, I can't connect it from my own Windows PC. I tried mysql workbench client and HeidiSQL client, both failed. I can ping through the remote IP address. I have tried anything I can found on google. Like
add bind-address = 127.0.0.1 to cnf file, and comment out the skip-networking.
I also tried the answer on another question Can't connect to remote server using MySQL Workbench on mac, which allow all machine can access to the service.
But my PC still can't connect to it, which report code 10060 error. So what should I do?
That bind-address = 127.0.0.1 config option means that your mysql server only accepts connections from the localhost, which is your actual CentOS machine. Make sure to set bind-address = 0.0.0.0.
Also, make sure that:
you have connectivity from your windows machine to the CentOS one
no firewall blocks the external connections to the local mysql port
Regarding potential security concerns from opening your mysql instance to the whole internet - first make it work, then make it better
I had the same issue here man,and i discovered that we need to create a user that isnt the root user. I my case, i don't know why yet, the issue was that.
The solution
Steps:
1 - Check the firewall (create a rule for port 3306 or disable it).
2 - Comment the line # bind-address=0.0.0.0 at [mysqld] config optin in C:\ProgramData\MySQL\MySQL Server 5.7\my.ini
3 - Create the user to remote access:
mysql> CREATE USER 'net'#'%' IDENTIFIED BY '123';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'net'#'%' WITH GRANT OPTION;
In my case, solved.

Need mysql remote access with my system IP

I have been using ubuntu 14.04 LTS OS and now i want to give permission of my local mysql server for my colleague system in my network. I need the answes for the following question,
How to bind my system IP address to mysql server. If i execute the command line "mysql -uroot -proot -h192.168.1.198", then received the error message below
ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.1.198' (111)
Then how to give permission to other system user to access my local mysql server.
Your MySQL service is bound to serve localhost only (interface binding). This is the default for security reasons. If you really need to access it directly from other hosts, there is a nice How to enable remote access to MySQL on Ubuntu which you could follow:
as root, open your /etc/mysql/my.cnf with your favorite editor
look for the [mysqld] section, and in there for the bind-address keyword. This usually is set to 127.0.0.1 -- change that to match your "normal" IP-address
save the file, and reload the service (e.g. using service mysql restart)
Remember you must enable your remote users to access their database(s) from remote, by setting the appropriate GRANTs -- e.g.
GRANT ALL ON mydb.* TO remoteuser#'%' IDENTIFIED BY 'SomePASSWORD';
Note the #'%', which means "from any host".
Try to telnet MySql server from that PC
telnet 192.168.1.198 3306
If that fails there are two cases:
You have not properly opened MySql Server required ports (default: 3306)
Go to my.ini (or my.cnf) and comment out bind-address and change it to 0.0.0.0 (to listen to all available interfaces) or perhaps the server's LAN IP (192.168.1.XYZ).

Allow remote access MySQL, Ubuntu

Im trying to allow remote accecss to MySQL on my Ubuntu server (VPS).
Im trying to access the database through an Java application Im building in Netbeans. Netbeans kick the following error message, when trying to connect:
Cannot establish a connection to
jdbc:mysql://xx.xxx.xxx.xxx:3306/xxxxxx?zeroDateTimeBehavior=convertToNull
using com.mysql.jdbc.Driver (null, message from server: "Host
'xx.xxx.xxx.xxx' is not allowed to connect to this MySQL server")
I have followed this guide when trying to connect to my MySQL server through Netbeans: https://www.youtube.com/watch?v=Fk2EkBs-Oq4
MySQL
MySQL running on standard port 3306.
In /etc/mysql/my.cnf I have comment out the following row:
bind-address = 127.0.0.1
So no bind-address exist in my my.cnf -file.
UFW
I have UFW installed on my server. ufw status numbered looks like this:
To Action From
-- ------ ----
[ 1] 22 ALLOW IN Anywhere
[ 2] 80/tcp ALLOW IN Anywhere
[ 3] Anywhere ALLOW IN MY-IP-ADDRESS*
[ 4] 3306/tcp ALLOW IN Anywhere
[ 5] 3306/tcp ALLOW IN MY-IP-ADDRESS*
[ 6] 22 (v6) ALLOW IN Anywhere (v6)
[ 7] 80/tcp (v6) ALLOW IN Anywhere (v6)
[ 8] 3306/tcp (v6) ALLOW IN Anywhere (v6)
*MY-IP-ADDRESS = The ip address I have "out" to the internet, which I recive from: http://whatismyipaddress.com/
What am I doing wrong and why cant I connect?
EDIT:
The thing is that if i bind in my.cnf I can only bind one IP. I need localhost access for my live websites running on the vps and also access from my dev-computer (which this thread is aiming). My thoughts was to remove bind in my.cnf to allow all and then grant access through my firewall UFW to localhost and my dev-computer.
if you want to use Connect via PuTTY and tunnel
look at the bottom of this answer
I assume you have a mysql administration tool.
The following will look depending on the tool used linux or something else, but work the same.
Login there and go into the user administration.
If you have installation a normal Mysql, then there should be only root without a host.
From the moment when you have created a localhost, then Mysql assume that you want to manage multiple hosts.
Create a existing host. A computer name exists in your network. Here root#dxxxxx-p. This should be created under the root user.
That's not all now you still have all your tables grant permissions.
Here pricelist has no assigned permissions
But sample has all permissions
With multiple host administration is for example.
A computer with two accessible names
myComp1 : IP 192.168.0.101
localhost : IP 127.0.0.1
If you now connect on the same computer with "mysql -h localhost -u root ...." you get the permissions you have assigned to localhost.
You might think because localhost and myComp1 is the same computer.
Now automatically myComp1 has the same permission as localhost .
But this is not so. So be careful.
Connect via `PuTTY` and tunnel
when you connect you with PuTTY, everything described above is not necessary.
With tunnel you connect as root#localhost on the ubuntu server.
Localhost is here somewhat misleading because it does not relate to your windows computer but on the localhost on the ubuntu server.
Access Your MySQL Server Remotely Over SSH
So you’ve got MySQL on your web server, but it’s only opened to local ports by default for security reasons.
If you want to access your database from a client tool like the MySQL Query Browser or Netbeans , normally you’d have to open up access from your local IP address… but that’s not nearly as secure.
So instead, we’ll just use port-forwarding through an SSH tunnel, so your MySQL client thinks it’s connecting to your localhost machine, but it’s really connecting to the other server through the tunnel.
Go to SSH->Tunnels
After clicked Save
Make sure that the MySQL server are off on the Windows computer.
I'm using MySQL System Tray Monitor.
With a right click, I see all the options.
click Open
If you have done all the settings for SSH on ubuntu right, that should appear here. (If NOT Search for Ubuntu SSH and Putty on the web)
Do not forget: Now that you've logged on ubuntu server you have all the right as root#localhost on the server itself, since root#localhost has all rights, you need not create a host and create permissions to schemas
Now on your windows computer open MySql Query Browser
Now connect to localhost (remember this localhost means localhost on ubuntu)
You can use in Netbeans the same settings to connect to Mysql on Ubuntu
Mysql Query Browser opens you can work on your Databases on UBUNTU
Netbeans
After closing New Connection Wizard
A new connection is created with all Databases On Mysql Ubuntu.
Change
bind-address = 127.0.0.1
To
bind-address = YOUR-IP-ADDRESS*
You need to grant access to that database :
GRANT ALL ON foo.* TO bar#xxx.xxx.xxx.xxx IDENTIFIED BY 'PASSWORD';
And also updated the firewall rules something like :
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT

cant access remote mysql server need help

I have a unix server with mysql which I am trying to access from my machine. To clarify, access the mysql server. When I do I get this error.
Connecting to MySQL server 192.168.1.25...
Can't connect to MySQL server on '192.168.1.25' (10061)
Here are my credentials:
username: root
port: 3306
The server is running because I am able to remotely login onto the machine (with ip: 192.168.1.25" and then run mysql from root. What do you think is going on:
Is it a firewall issue?
Accessing as 'root' is being denied?
I am new to mysql.
1)
check the logs
you can see where the logs are by checking the my.cnf file.
mysqld.log might be the file name, but where
2)
a. see if it's a network issue.
telnet 192.168.1.25 3306
b. see if the service is at that port.
ssh to the box
# from the local host
mysql -u root
telnet 127.0.0.1 3306
ps auxw|grep mysql
you should hopefully have enough diagnostic info at this point to figure it out.
Probably because remote root login is not allowed. You can try this article on how to enable remote root:
http://benrobb.com/2007/01/15/howto-remote-root-access-to-mysql/
i have this problem and fix it by
first you must grant all to user
GRANT ALL PRIVILEGES ON databasename. TO 'user'#'%' IDENTIFIED BY 'password';
then
FLUSH PRIVILEGES;
and change the mysql config using
sudo nano /etc/mysql/my.cnf
find "bind-address" row and comment it.
save config and restart mysql using
sudo /etc/init.d/mysql restart
hope solve problem :)
The Message (10061) is do to offline severs or firewall blockage
If you get -the name of your pc - can not connect, then mysql is rejecting the connection and you will have to create a 'user' in the mysql database mysql, table user using the IP of the remote connection', and restart the database service
but for error 10061 check The Firewall in both machines.
Masters PC per say, is the one with the phpmyadmin installation
Allow Destination ip-[the remote] and port 3306 on the Master Machine
and
Allow source ip-[the masters]/with any port, and check your destination port(3306) too. destination ip can also be set on some firewalls.
And if you can, search in your firewall for logs, settings, recent activity, etc... to see what and how you are being blocked.