How to set MySql grant to allow external connection to MySql? - mysql

I am not so into DB and I have the following problem.
I have installed a MySql 5.7.17 on a remote Ubuntu 16.04 server and I have to connect to this server from a client installed on my laptop.
So The first thing that I have done is that I have changed the bind-address directive values (into the /etc/mysql/mysql.conf.d/mysqld.cnf file) from:
Bind-address=127.0.0.1
to:
bind-address = 0.0.0.0
to allow also external connection.
The problem is that when I try to connect from my client (installed on my laptop) I obtain this error:
Host 'XXX.YYY.ZZ.JJ' is not allowed to connect to this MySQL server
(where **XXX.YYY.ZZ.JJ* is my laptop IP address).
From what I have understood I also have to give to the mysql user w the db permissions to connect from any host and not just from localhost.
I think that it should be something related to the grant: https://dev.mysql.com/doc/refman/5.5/en/grant.html
What exactly have I to do? I think that I have to access to MySql from my server shell (via SSH) and then perform a query that grant some privileges to the root user (the MySql user) to allow to access from outside.
But I don't know what exactly I have to do. How can I allow this external connection for the roo user?

As you mentioned, you need to login to mysql server with root access and then run following command on mysql prompt
GRANT ALL PRIVILEGES ON your_db_name.* TO 'your_db_user_name'#'%' IDENTIFIED BY 'newpassword';
you can also specify a specific IP instead of %
GRANT ALL PRIVILEGES ON your_db_name.* TO 'your_db_user_name'#'your_IP_here' IDENTIFIED BY 'newpassword';
you can also specify a for all databases
GRANT ALL PRIVILEGES ON *.* TO 'your_db_user_name'#'your_IP_here' IDENTIFIED BY 'newpassword';

Related

Ubuntu Mysql Server not allowing remote connections

I've looked in so many areas to try to fix this problem and I can't seem to find a solution. Im running ubuntu linux with the latest mysql and phpmyadmin installation. I found that connecting to the database locally works but if I try to connect remotely it keeps denying the connections. The only way I can login to phpmyadmin is if I put the ip address in the bar, connecting via the web address will not work.
Are you trying to connect to MySQL remotely or PHPMyAdmin remotely?
If you are trying to access MySQL remotely, you need to do the following:
Edit the bind-address variable in /etc/my.cnf, to 0.0.0.0 or the IP address of your server
Make sure your MySQL user has permissions from remote hosts, do this using:
CREATE USER 'myuser'#'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypass';
Then:
GRANT ALL ON . TO 'myuser'#'localhost';
GRANT ALL ON . TO 'myuser'#'%';
Then go ahead and restart the mysql instance on your server. This also assumes you have set IP tables up to allow port 3306 TCP incoming to your server.

MySQL Host '::1' or '127.0.0.1' is not allowed to connect to this MySQL server

I have a strange issue on a web server (Windows Server 2012) with MySQL 5.7.16.
I can't connect anymore to mysql server, I don't know why.
If I type mysql -uroot -ppassword appear an error
ERROR 1130 <HY000>: Host '::1' is not allowed to connect to this MySQL server or
ERROR 1130 <HY000>: Host '127.0.0.1' is not allowed to connect to this MySQL server
I tried to use another user with all privileges and I've seen that in host there is only localhost (not 127.0.0.1 or ::1)
How can I login with root#localhost and not with root#127.0.0.1?
It's very frustrating...
Every account trying to use #127.0.0.1 or #::1 but there exist only localhost in host and I can't change it.
If I type mysql -uroot -ppassword I see
ERROR 1130 <HY000>: Host '127.0.0.1' is not allowed to connect to this MySQL server
Same if I type mysql -uroot -ppassword -h localhost or anything else
Ok i Fixed...
I've comment "skip_name_resolve" in my.ini and everything is back to work.. i really don't know why because this record was in my.ini also yesterday..last week.. last month..
The variable skip_name_resolve gives better performance because the server does not try to resolve the names of the connecting clients or look for them every time in the host name cache (even localhost is resolved/searched), but the manual states that config also limits the #localhost connections. The solution is to copy the #localhost users with #127.0.0.1, like this:
CREATE USER 'root'#'127.0.0.1' IDENTIFIED BY 'root-password';
CREATE USER 'root'#'::1' IDENTIFIED BY 'root-password';
FLUSH PRIVILEGES;
where ::1 is localhost for IPv6 addressing. This way we keep the root and local accounts limited to the local server. Using '%' open the potential clients to the world, and we don't want that. Disabling skip_name_resolve also requires the server having an accesible and fast DNS resolver to minimize latency.
I noted that I can connect with a local phpmyadmin even if the user has #localhost; this is because phpmyadmin connects thru a local unix socket, a special type of file used to communicate between processes, and does not need networking.
EDIT: As #Francisco R noted, the new root users also should have full access to all databases by issuing the following commands:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'127.0.0.1'
GRANT ALL PRIVILEGES ON *.* TO 'root'#'::1'
FLUSH PRIVILEGES
I had the same message after a fresh installation with the no-install zip and solved it as follows. Perhaps this could have been a solution for your problem too:
Stop the MySQL server or service.
Open a Command Prompt window with administrative rights and go to the bin folder in the MySQL install directory.
Start MySQL with skip-grants-table and don't forget your config file:
mysqld --defaults-file=[filename] --skip-grant-tables
Open another Command Prompt window and go to the bin folder again.
Now you can login:
mysql -u root -p
Show the users with:
SELECT user, host FROM mysql.user;
Verify there is one 'root' with host 'localhost'.
Change the host:
UPDATE mysql.user SET host='%' WHERE user='root';
Exit the mysql program and close the Command Prompt window.
Type Ctrl-C in the other Command Prompt window to stop the server, then close the Command Prompt Window.
Start MySQL as you normally would and verify that you can login.
Make sure that when you created the user you have specified % as the hostname, otherwise the user will only be able to connect from the localhost.
I came here looking for a solution using Local by flywheel for wordpress development to the same problem, BUT, in a linux machine.
Just if someone faces the same problem, the solution listed here works.
Just comment skip_name_resolve in the file conf/mysql/my.cnf.hbs under the file tree created by Local
Thanks!
Looks that you need to modify your hosts file. C:\Windows\System32\Drivers\etc\hosts
just add the line and save it, (to be able to edit and save you may need to open it as administrator)
127.0.0.1 localhost

access mysql database (mamp) in host from Windows guest (dbforge query builder)

I need to be able to access mysql database that I am running in the host through MAMP (not pro) from a program called dbforge query builder running in the windows host. I try to put the ip address of the host in the program but it returns an error: (vmware guest ip address) is not allowed to connect to this MySQL server.
How can this be solved?
Allow remote access to MySQL server. This can be done via my.cnf file (MySQL configuration file) as:
[mysqld]
bind-address = YOUR_SERVER_IP (or 0.0.0.0 which means all)
grand user with priviliege to access it out of localhost (like 'user'#'%' or at least 'user'#'192.168.1.92' if you want to restrict it to specific IP):
mysql> GRANT ALL PRIVILEGES ON *.* TO 'user'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;

Can't access MySQL from my VM

I have a MYSQL server running on my Windows 7 and I need to access it from a Debian VM but when I try I get this error :
ERROR 2003 (HY000): Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (110)
I checked in my.ini and there is no sign of "bind-address" parameter around so I just can't figure out where the error is.. I can perfectly manage it locally from my Windows. My company is using a proxy but as my VM is on my machine it shouldn't block anything there..
Thanks for your help !
You need to change user host adress as * or given xxx.xxx.xxx.xxx IP.
Look at here: grant remote access of MySQL database from any IP address
To access MySQL from outside. you should enable MySQL remote access .
1- Comment out following lines in Mysql Config(my.cnf/my.ini(for windows))
#bind-address= 127.0.0.1 (if not exist add it and then comment out)
#skip-networking
2- Save the file and restart Mysql server
3- Update GRANT privilege
By default, mysql username and password you are using is allowed to access mysql-server locally. So need to update privilege.
Run following query to update privilege
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Change the 'USERNAME' to your Database user and 'PASSWORD' to User Password
You should check that:
"bind-address = 0.0.0.0" is present in your my.cnf
The user your are using has remote access (not just 'locahost')
Check that MySQL port (usually 3306) is opened if you have a firewall running
I would really advice to create a specific user for remote access with limited rights.
Finally I uninstalled everything and trieed again and it worked so now I close this ticket for good.
Thanks to those who have tried to help me !

MySQL remote connection from outside network

I'm trying to let a client on another network remotely connect to a database i;ve setup, but every time I try and setup the connection for them, i get SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'servername' (110)
I have the following:
MySQL user has been created, with the host set to the IP address of their server
my.cnf bind address has been set to 0.0.0.0
mysql service has been restarted
MySQL is running on port 3306
3306/tcp incoming is allowed in the firewall of my server
I have tested it from other servers INSIDE our network, e.g. my own local PC and from another one of our web servers, setting up a MySQL user for those specific hosts, and it works fine. It's just this one outside our network that doesn't work.
Could it be something on their end that is stopping them being able to connect? Or have I missed anything?
Thanks.
To access MySQL from outside. you should enable MySQL remote access .
Here is the way to do so:
1- Comment out following lines in Mysql Config(my.cnf)
#bind-address = 127.0.0.1
#skip-networking
2- Save the file and restart Mysql server
3- Update GRANT privilege
By default, mysql username and password you are using is allowed to access mysql-server locally. So need to update privilege.
Run following query to update privilege
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Change the 'USERNAME' to your Database user and 'PASSWORD' to User Password