Connecting to Amazon RDS Mysql from a server - mysql

I'm struggling to connect to my Mysql instance on Amazon RDS from a web server. I get this error:
Error: Unable to connect to MySQL.
Debugging errno: 2005
Debugging error: Unknown MySQL server host 'my-database-address.eu-west-1.rds.amazonaws.com:3306' (20)
Using this connection function:
$connect = mysqli_connect("my-database-address.eu-west-1.rds.amazonaws.com", "username", "password","database");
I've setup my Instance to use a Security Group with the following settings:
RULE | TYPE | PROTOCOL | PORT RANGE | SOURCE
Inbound | MYSQL/Aurora | TCP | 3306 | Anywhere
Outbound | MYSQL/Aurora | TCP | 3306 | Anywhere
Am I missing some rules in my security group? Should I specify the server IP address instead of chosing "Anywhere". Or is my function wrong?

Related

Remote acess to MySql 5.7 does not working

Hi guys I have a situation where I need that my Web Application, hosted in some other machine, access my local MySql Server Instance. My string connection looks like
mysql://<user>:<password>#<my_ip>:3306/<data_base_name>
However when I try to connect I am getting the error:
Can't connect to MySQL server on '1**.***.**.*7' (111)
Searching a little bit I discovered that it could be due the configuration of bind-address in my.conf file. However in MySql 5.7 there is no need to do that once, when I run the select below I get this:
show variables like 'bind%';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| bind_address | * |
+---------------+-------+
Searching a little bit more, I found that it could be due the firewall blocking connection on port 3306. Then I created an inbound and outbound rule for that, but I'm still getting this error and I can perfectly connect to my MySql Server locally.
Besides, I've already seen these posts:
Can't connect to MySQL server error 111
ERROR 2003 (HY000): Can't connect to MySQL server on '127.0.0.1' (111)
How to allow remote connection to mysql
https://serverfault.com/questions/823877/mysql-connection-not-working-with-windows-firewall-on
However none of them solved my problem. Someone can help me out?

Can't connect remotely to MariaDB

I'm configuring my EC2 server. I managed to install php, laravel etc. (with a bit of suffering though). Now I
created an user on MariaDB
granted all permissions from remote
enabled bind-address = 0.0.0.0 in my.cnf
tested local login, works
opened rules in the Security group for Mysql/Aurora, port 3306, TCP, all IPs, both incoming and outcoming
but still can't login from remote, I get
ERROR 2003 (HY000): Can't connect to MySQL server on 'yyz.yyz.yyz.yyz' (110)
What can I do? I don't have any iptables of sort, everything is supposed to be plain simple... but it's not :-(
I'm trying to connect from outside the Amazon network, with this string
mysql -u myuser -pmypwd -h yyz.yyz.yyz.yyz -D myschema
Please notice that from the server itself I can connect using
mysql -u myuser -p -h localhost -P 3306 -D myschema
Thank you
Marco
P.S. For reference, here are my MariaDB users
+---------------------------------------------+-----------+
| host | user |
+---------------------------------------------+-----------+
| % | myuser |
| 127.0.0.1 | root |
| ::1 | root |
| ip-yyz-yy-zz-yyz.us-west-2.compute.internal | root |
| localhost | root |
| localhost | myuser |
+---------------------------------------------+-----------+
EC2 instances have two IP addresses, internal and external.
It looks to me like your user table authorizes access from the internal IP address.
ip-yyz-yy-zz-yyz.us-west-2.compute.internal | root
Are you trying to connect to the internal address from outside AWS? That Doesn't Work™.
If you're trying to connect to the external address, you'll have to add it to your user list.
For troubleshooting but not production, you can add a * | root user.
You can also try https://xyz.xyz.xyz.xyz:3306 from a browser. It won't connect, but if it times out you know there's no route to that address from your machine. If it yields some kind of gibberish, immediately, you know the MySQL port is visible.
good news and bad news.
Good news: I solved the issue!
Bad news: We all were right. It was enough to open the 3306 port in the Security Group. The issue was that - for reasons unknown to me - I kept seing the wrong security group. I logged off, logged in again and saw the right one. Enabled the port 3306 there and - magic - it worked!
Thank you to everybody who spent time in order to help mi fixing this!

MySQL Error 61 cannot connect

I read this SO post. And a few others. I've set up a Amazon EC2 server on ubuntu. I created a MySQL database and I'm trying to connect to it via MySQL Workbench.
Using standard TCP / IP over ssh I am able to connect using a .pem key.
I created a new user using the Workbench GUI and have granted the new user all privileges.
Within Amazon EC2 interface I added tot he security group to allow both ssh and TCP each with source 0.0.0.0/0 and ::/0.
When I ssh into the server via the terminal I am able to connect this user to MySQL mysql -uthe_new_usr -p. I am unable to within MySQL Workbench.
mysql> SELECT User, Host FROM mysql.user;
+------------------+------------------+
| User | Host |
+------------------+------------------+
| root | % |
| reporting | % |
| root | 127.0.0.1 |
| root | ::1 |
| root | ip-123-45-67-891 |
| debian-sys-maint | localhost |
| root | localhost |
+------------------+------------------+
Once again, I am able to connect using the standard TCP / IP over SSH option which uses my .pem key. But I'm trying to create a standard TCP / IP connection with the newly created user.
On the connection wizard there are inputs for hostname, port and username:
I changed the entry in hostname to the IPv4 field shown my EC2 instance dashboard in a similar format of number xx.xxx.x.xxx. This is the same hostname I used for the TCP / IP over ssh connection (Which does work using a .pem key).
I changed the user to the same username that I set when I created the new user, via Workbench, with my root user.
For the port I've tried leaving as is 3306, 22 and removing it. Here's a screen of the security group for my EC2 instance.
When I click "Test Connection" I get the message "Failed to Connect to MySQL at xx.xxx.x.xxx:3306 with user my_new_usr. Can't connect to MySQL server on 'xx.xxx.x.xxx' (61)".
From the linked SO post at the top, I typed netstat -tulpen in my remote connection too:
ubuntu#ip-xxx-xx-xx-xxx:~$ netstat -tulpen;
(No info could be read for "-p": geteuid()=1000 but you should be root.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State User Inode PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 0 9331 -
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 106 12552 -
tcp6 0 0 :::22 :::* LISTEN 0 9345 -
udp 0 0 0.0.0.0:49678 0.0.0.0:* 0 7949 -
udp 0 0 0.0.0.0:68 0.0.0.0:* 0 8029 -
udp6 0 0 :::28589 :::* 0 7950 -
I'm not sure where to look next?
With the help of a friend:
Edited my.cnf file in so that bind address = 0.0.0.0
Then had to restart mysql sudo restart mysql
That did it.

Permission Error when trying to create tunnel to MYSQL DB

I'm trying to use putty to create a tunnel to a MySQL DB and then use that tunnel to connect to the DB using workbench. When I start putty and check the logs I get the following error message 2015-10-15 17:55:13 Local port 3306 forwarding to192.100.1.199:3306 failed: Network error: Permission denied
But when I view the sql statement for the port for the mysql DB I get
SHOW VARIABLES WHERE Variable_name = 'port';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| port | 3306 |
The thing is I can connect to 192.100.1.199 VM and the hostname for the DB is also 192.100.1.199. Does anyone why this might fail on permissions.
Sounds like you might already have something locally bound to port 3306. I suggest you use a different local port (say 5000) so you end up with
L5000 192.100.1.199:3306
Then connect via localhost:5000.
Were you able to directly use ssh, you would have seen an error message similar to
bind: Address already in use
channel_setup_fwd_listener_tcpip: cannot listen to port: 3306
Could not request local forwarding.
which is probably a lot more informative than what you were getting out of PuTTY :)

MySql ERROR 1045 (00000): Access denied - different MySQL versions

I need to get an old MySQL Client (4.1) to connect to an even older MySQL Server (3.23).
The goal is to do a Java/JDBC connect to the old Linux/MySQL 3.23 database, in order to update text information for a Lucene search (which will also run on linuxdev2).
The problem is that I can't connect to the Linux/MySQL 3.23 server from a remote Linux/MySql 4.1 client. I can't connect from JDBC; I can't connect from "mysql":
LOCAL (intranet):
mysql -uSOMEUSER -pSOMEPASSWORD mysql => OK
REMOTE (from linuxdev2):
mysql -uSOMEUSER -pSOMEPASSWORD -hintranet mysql => FAILS:
ERROR 1045 (00000): Access denied for user: 'SOMEUSER#linuxdev2' (Using password: YES)
PERMISSIONS (on intranet):
mysql> select User,Host,Password from user order by User;
+-----------+-----------------------------+------------------+
| User | Host | Password |
+-----------+-----------------------------+------------------+
| SOMEUSER | % | 233780be35015f2c |
| SOMEUSER | localhost | 233780be35015f2c |
| ...
These are the hosts:
Component Intranet: Linuxdev2:
--------- -------- ---------
Java N/A Sun Java 1.5.0_03
JDBC N/A mysql-connector-java-3.1.6-3
MySQl Server mysql-server-3.23.22-6 mysql-4.1.10a-3.8
MySql Client mysql-3.23.22-6 mysql-client-4.1.10a-3
I took an Ethereal trace and verified the TCP/IP connection from linuxdev2 to intranet is OK:
a) They connect on port 3306
b) Linuxdev2 does a "Login request Caps"
c) Intranet replies with "Response Error Code: 415" (access denied)
MySQL's password algorithm changed in v4.1 - the same password() function, but different hashing algorithms, so connecting with a v4.1+ client to an older v3.x server using password()-created passwords won't work.
Ref: http://dev.mysql.com/doc/refman/5.1/en/password-hashing.html