I can't connect to my server when I use a remote IP address.
Localhost is working fine.
Some info:
OS: Ubuntu 16.04
Database: MariaDB
Port 3306 is open
User has remote (%) access.
I've changed bind-address in 50-server.conf to bind-address = 0.0.0.0 and I tried commenting it out. none of them worked. Also tried putting bind-address = 0.0.0.0in my.conf under a [mysqld] grouptag. After every change I restarted Mysql and tried to connect with this command mrsql -u root -h xxx.xxx.xxx.xxx -p. It works fine for localhost, but does not work when I try my servers IP.
How do I solve this problem?
After days of surfing and trying all the solutions given in stackoverflow, I finally managed to establish connection to mysql or Mariadb remotely.
Here is the solution for accessing mysql db from a remote machine:
Firstly, In your /etc/my.cnf or whatever location my.cnf is located in your machine:
bind-address= THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED
# skip-networking ( This will allow TCP/IP connection)
Secondly, Make sure there is no ip's in /etc/hosts.deny ( This can be root cause for connection in many cases)
> Important:
> 1. restart mysqld = systemctl restart mysqld ( Ubuntu might have diff cmd)
> 2. check status = systemctl status mysqld ( Ubuntu might have diff cmd)
> 3. check port and ip on which mysqld is running = netstat -tlnp It should be running on THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED: 3306 ( Ubuntu might have diff cmd)
Thirdly, Create a user with ALL privileges like :
> GRANT ALL ON db_name.* TO username#THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED IDENTIFIED BY 'password';
> FLUSH PRIVILEGES;
LASTLY, if using workbench or any other client to establish connection. Enter values as:
> HOSTNAME= THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED
>username=username
I hope this helps any of my fellow users!
Related
I'm trying to make a MySQL database on my Raspberry Pi 4, but it isn't going very well, using localhost instead works perfectly but I want to remote control it from my Windows 10 computer on the same internet. When I create a user with the address of 192.168.1.15 by doing this:
sudo mysql -u root
CREATE USER 'lasse'#'192.168.1.15' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'lasse'#'192.168.1.15';
FLUSH PRIVILEGES
exit
I try to login again using this:
mysql -u lasse -h 192.168.1.15 -ppassword // didnt work, error: ERROR 2002 (HY000): Can't connect to MySQL server on '192.168.1.15' (115)
mysql -u user -h 192.168.1.2 -P 3306 -ppassword // didnt work either, same error.
I have these packages installed:
mariadb-client
mariadb-server
default-mysql-server
In the file /etc/mysql/mariadb.conf.d/50-server.cnf (Raspi-os 2021-03-04 with MariaDB installed), you should replace the line "bind-address = 127.0.0.1" (localhost) by "bind-address = 0.0.0.0" (all). After, you should restart your MySQL server : $ sudo service mariadb restart
Error 115 is returned from socket operation (EINPROGRESS), which means that your client can't physically connect to the specified server and port.
The MariaDB database server is not configured correctly, since it doesn't accept remote connections. Please login locally and check the following variables:
SHOW VARIABLES LIKE 'skip_networking' (result should be off)
SHOW VARIABLES LIKE 'bind-address' (should not be 127.0.0.1)
Since these are read only variables, you need to change them (or comment them out with a #) in your my.cnf configuration file.
ERROR 2002 is "Can't connect" error. Check out /etc/my.cnf, look for listen line. It may be listening localhost or 127.0.0.1. You need to change it to listen 0.0.0.0.
There are three things
You need to set the bind-address to 0.0.0.0 (or 192.168.1.15 to be exact and specific)
You might need to set the firewall to allow port 3306 ( or iptables --flush as shortcut )
You need to create a global user (root#'%') in the mysql database or some user like 'root#192.168.1.15' with a password
when all conditions are fulfilled, you should be able to connect to mysql database on 192.168.1.15
What is most likely the case is that the server is not listening on port 3306. As in both lines you implicit or explicit use port 3306. As it is the only constant in the two lines most likely the culprit.
The default port for clients is specified in my.ini in the [client] section, the port used by the server is in the [mysqld] section. They don't necessarily have be the same so check both.
To make absolutely sure what is going on the server — assuming it is linux — use this to list all listening ports:
sudo netstat -tnlp
There, saved you a walk to the docs.
Login to the MariaDb server and edit the file /etc/mysql/my.cnf
Edit the row bind-address=YOUR_SERVER_IP
Restart the server using '/etc/init.d/mariadb restart' or 'systemctl restart mariadb.service'
Problem:
I have server where is install Laravel app and database. But i want share same database with another server. And i want enable remote access.
What i tried:
I changed config file /etc/mysql/mysql.conf
commented out bind-address = 127.0.0.1
Also changed to bind-address = 0.0.0.0 or bind-address = *, not helps
(this is what everywhere i found to do)
ufw is disabled
netstat -ltn returns
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
isn't 127.0.0.1:3306 suppose to be 0.0.0.1:3306?
I try connect from another server
mysql -h xxx.xxx.xxx.xxx -u pf_remote -p
i got error
Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (111)
I think that port is not open, but where else i can open. Do i miss something?
Find mysql.conf and set
bind-address=0.0.0.0
Then login to MySQL and run below 2 commands
GRANT ALL PRIVILEGES ON *.* TO 'pf_remote'#'%' IDENTIFIED BY 'your_password' with grant option;
flush privileges;
then
sudo service mysql restart
Then also make sure you do not have any firewall blocking connections, check by
sudo ufw status
If its enabled, then allow remote connections to MySQL port
sudo ufw allow 3306 && sudo ufw reload
If you are using Amazon Web Services server then allowing connections from within shell won't work, you will have to allow connections from AWS Dashboard
Try to grant priviliges to user for remote access:
mysql> GRANT ALL ON yourDatabase.* TO user#'1.2.3.4' IDENTIFIED BY 'yourPassword';
Also please remember to restart your mysql service after config changes:
sudo /etc/init.d/mysql restart
I have just created one instance on Amazon EC2 for CentOs, and installed mysql on it with root user (password is blank). Then I had created another user for me to connect this instance from remote pc (my local pc). for that I had run following command on terminal one by one.
CREATE USER 'demouser'#'%' IDENTIFIED BY 'demopassword';
GRANT ALL PRIVILEGES ON *.* to 'demouser'#'%';
FLUSH PRIVILEGES;
Then I wrote following line in /etc/my.cnf under [mysqld] section
bind-address=0.0.0.0
Then restarted mysql with following command
sudo /sbin/service mysqld restart
Still, It is not allowed to connect that instance from my local pc. I don't understand what is the problem? I had checked and confirmed that rules on Amazon Security Groups are set properly. (e.g. port 3306 & 22 set to 0.0.0.0 ip address, means any ip address can connect using both ports).
Can someone saw me the mistake of mine?
Slowed
I ran following command to update ipaddress in centos terminal;
sudo iptables -I INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
and It's getting connected... !!!!
For some reason, I've been unable to connect remotely to my MySQL server. I've tried everything and I'm still getting errors.
root#server1:/home/administrator# mysql -u monty -p -h www.ganganadores.cl
Enter password:
ERROR 1045 (28000): Access denied for user 'monty'#'server1.ganganadores.cl' (using password: YES)
Now, I've tried running
GRANT ALL ON *.* to monty#localhost IDENTIFIED BY 'XXXXX';
GRANT ALL ON *.* to monty#'%' IDENTIFIED BY 'XXXXXX';`
and still nothing!
What I'm doing wrong?
EDIT: my.cnf has commented out the bind ip .
To expose MySQL to anything other than localhost you will have to have the following line
For mysql version 5.6 and below
uncommented in /etc/mysql/my.cnf and assigned to your computers IP address and not loopback
For mysql version 5.7 and above
uncommented in /etc/mysql/mysql.conf.d/mysqld.cnf and assigned to your computers IP address and not loopback
#Replace xxx with your IP Address
bind-address = xxx.xxx.xxx.xxx
Or add a
bind-address = 0.0.0.0 if you don't want to specify the IP
Then stop and restart MySQL with the new my.cnf entry. Once running go to the terminal and enter the following command.
lsof -i -P | grep :3306
That should come back something like this with your actual IP in the xxx's
mysqld 1046 mysql 10u IPv4 5203 0t0 TCP xxx.xxx.xxx.xxx:3306 (LISTEN)
If the above statement returns correctly you will then be able to accept remote users. However for a remote user to connect with the correct priveleges you need to have that user created in both the localhost and '%' as in.
CREATE USER 'myuser'#'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypass';
then,
GRANT ALL ON *.* TO 'myuser'#'localhost';
GRANT ALL ON *.* TO 'myuser'#'%';
and finally,
FLUSH PRIVILEGES;
EXIT;
If you don't have the same user created as above, when you logon locally you may inherit base localhost privileges and have access issues. If you want to restrict the access myuser has then you would need to read up on the GRANT statement syntax HERE If you get through all this and still have issues post some additional error output and the my.cnf appropriate lines.
NOTE: If lsof does not return or is not found you can install it HERE based on your Linux distribution. You do not need lsof to make things work, but it is extremely handy when things are not working as expected.
UPDATE: If even after adding/changing the bind-address in my.cnf did not work, then go and change it in the place it was originally declared:
/etc/mysql/mariadb.conf.d/50-server.cnf
Add few points on top of apesa's excellent post:
1) You can use command below to check the ip address mysql server is listening
netstat -nlt | grep 3306
sample result:
tcp 0 0 xxx.xxx.xxx.xxx:3306 0.0.0.0:* LISTEN
2) Use FLUSH PRIVILEGES to force grant tables to be loaded if for some reason the changes not take effective immediately
GRANT ALL ON *.* TO 'user'#'localhost' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
GRANT ALL ON *.* TO 'user'#'%' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
user == the user u use to connect to mysql ex.root
passwd == the password u use to connect to mysql with
3) If netfilter firewall is enabled (sudo ufw enable) on mysql server machine, do the following to open port 3306 for remote access:
sudo ufw allow 3306
check status using
sudo ufw status
4) Once a remote connection is established, it can be verified in either client or server machine using commands
netstat -an | grep 3306
netstat -an | grep -i established
MySQL only listens to localhost, if we want to enable the remote access to it, then we need to made some changes in my.cnf file:
sudo nano /etc/mysql/my.cnf
We need to comment out the bind-address and skip-external-locking lines:
#bind-address = 127.0.0.1
# skip-external-locking
After making these changes, we need to restart the mysql service:
sudo service mysql restart
You are using ubuntu 12 (quite old one)
First, Open the /etc/mysql/mysql.conf.d/mysqld.cnf file (/etc/mysql/my.cnf in Ubuntu 14.04 and earlier versions
Under the [mysqld] Locate the Line,
bind-address = 127.0.0.1
And change it to,
bind-address = 0.0.0.0
or comment it
Then, Restart the Ubuntu MysQL Server
systemctl restart mysql.service
Now Ubuntu Server will allow remote access to the MySQL Server, But still you need to configure MySQL users to allow access from any host.
User must be 'username'#'%' with all the required grants
To make sure that, MySQL server listens on all interfaces, run the netstat command as follows.
netstat -tulnp | grep mysql
Hope this works !
If testing on Windows, don't forget to open port 3306.
In my case I was using MySql Server version: 8.0.22
I had to add
bind-address = 0.0.0.0
and change this line to be
mysqlx-bind-address = 0.0.0.0
in file at
/etc/mysql/mysql.conf.d
then restart MySQL by running
sudo service mysql restart
I was facing the same problem when I was trying to connect Mysql to a Remote Server. I had found out that I had to change the bind-address to the current private IP address of the DB server.
But when I was trying to add the bind-address =0.0.0.0 line in my.cnf file, it was not understanding the line when I tried to create a DB.
Upon searching, I found out the original place where bind-address was declared.
The actual declaration is in : /etc/mysql/mariadb.conf.d/50-server.cnf
Therefore I changed the bind-address directly there and then all seems working.
I have problem to connect remote LAN MYSQL. While try following commands it shows the following error.
$ mysql -u root -h 192.168.1.15 -p
mysql> GRANT ALL test.* TO root'192.168.1.15' IDENTIFIED BY '';
ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.1.15' (10060)
If you have full access to your server (root privileges required):
Step 1: edit my.cnf (usually located in /etc)
Find the following line: [mysqld] and make sure line skip-networking is commented (or remove line) and add following line:
bind-address=YOUR-SERVER-IP
For example, if your MySQL server IP is 66.166.170.28 then entire block should be look like as follows:
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
language = /usr/share/mysql/English
bind-address = 66.166.170.28
# skip-networking
.......
Where
bind-address : IP address to bind to.
skip-networking : Don’t listen for TCP/IP connections at all. All interaction with mysqld must be made via Unix sockets. This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.
Step 2: Grant access to all hosts
Start the MySQL monitor with this command: mysql or /usr/local/mysql/bin/mysql. Your shell prompt should now look like this: mysql>. Run this command:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY "PASSWORD";
Where:
USERNAME is the username that you use when connecting using your php script.
PASSWORD is the password you use when connecting.
You now must flush MySQL's privileges. Run this command:
FLUSH PRIVILEGES;
Run this command to exit MySQL:
exit;
Step 3: restart mysql deamon
/etc/init.d/mysqld restart
or
/etc/init.d/mysql restart
depending on what linux distro is your server currently running.
You should also check that your MySQL server has been configured to accept remote TCP connections.
In your MySQL configuration file (my.cnf), you need the following at least:
port = 3306 # Port MySQL listens on
bind-address = 192.168.1.15 # IP address of your server
# skip-networking # This should be commented out to enable networking
The default in some configurations is for the bind-address to be 127.0.0.1, or to skip networking completely, which means only local or unix socket connections are possible. This is for security reasons.
You can also configure the bind-address to be 0.0.0.0 which means it will bind on all IP addresses on the server.
And lastly, check your firewall configuration to allow port 3306.
GRANT ALL ON test.* TO 'root'#'192.168.1.15' IDENTIFIED BY '';
Comment the line below in file /etc/mysql/my.cnf
# bind-address = 127.0.0.1
And add (any)host permission to login(maybe root) on mysql server.
Hard way: you need insert in mysql.host table...
Easy way: use MySQL Administrator->User Administration->Choose user->(Right mouse click)Add host->Select "Any host"
Finally restart server:
/etc/init.d/mysql restart
PS:
Default install aptitude
mysql version: MySQL 5.1.57-1~dotdeb.0
Linux Debian 6 Squeeze
As above, getting rid of "skip-networking" in my.cnf need to be done.
However, on some configurations, that is over-ridden by SKIP="--skip-networking" in a start-up file, such as rc.mysqld. So take that out also.
Does hosts.allow permit one machine to talk to the other in any case?
And leave us not forget the actual documentation.
Just thought I'd throw in another suggestion here...
Some MySQL GUI tools (Sequel Pro for Mac and EMS SQL Manager for Windows) allow MySQL connections through SSH tunnelling. This means you don't have to grant extra privileges. I have found this to be the fastest way of getting remote access to MySQL databases that I administer.