I am trying to connect Emma to MySQL running on Vagrant Machine with nginx from a remote location. The server (host) has a static ip that can be accessed through internet. It also has its own running MySQL instance that I can connect to. However I want to connect to Vagrant's MySQL from a remote location.
You will need to expose the port of the MySQL server's running on Vagrant to the public internet. There are a number of ways, but the simplest should be configuring Vagrant with port forwarding.
Since you already have another MySQL server running on the host, you would need to forward on another (free) port than the default, for example 6306:
Vagrant.configure("2") do |config|
config.vm.network "forwarded_port", guest: 3306, host: 6306
end
You would also need to explicitly specify that port in the connection url in Emma.
Related
I have a remote Windows server with MySQL and Cygwin (enabling remote SSH connections). When I connect from a local instance of Workbench (i.e. with Workbench handling the tunnel), via SSH as root, I have no problem connecting to the remote database.
I have a need to set up my own tunnel because I have another app that needs MySQL access. I chose to use Putty, and had only partial success.
I can connect (using Workbench as a test client) through my tunnel, localhost:3307, which I have forwarded to myremoteserver.no-ip.com:3306, ONLY if I have the remote root user there set to accept connections from all hosts (%), AND/OR the actual IP of the server.
If I restrict root to 127.0.0.1 (as it should be) I get the error Host x.x.x.x is not allowed to connect to this MySQL server where x.x.x.x is the actual address of the remote server!
Somehow, using Putty to make the tunnel isn't presenting me as a local connection. But instead as a remote connection, even though the remote IP is the IP of the remote server
My Question: How can I set up putty to mimic the way Workbench successfully makes tunnel connections?
Note: All my connections to the remote IP are via a no-ip address. This works when Workbench opens the tunnel. Also my server is run within the AWS EC2 ecosystem.
My current Putty connection is to the no-ip address and tunneling settings are Source:3307, Destination: myremoteserver.no-ip.com:3306, Local and Auto.
Edit: I have also tried 127.0.0.1:3306 as the destination address in the Putty tunnel settings and got the same result.
My current Putty connection is to the no-ip address and tunneling
settings are Source:3307, Destination: myremoteserver.no-ip.com:3306,
Local and Auto.
You want to restrict the remote instance of mysql to only accept connections on the localhost interface, so your tunnel should forward to the remote host's localhost interface instead of its network interface. Change the tunnel's destination address to 127.0.0.1 instead of the server's name.
I just created a test RDS instance through the AWS console, and it has been created successfully (it says it is running and available). I currently have my security groups configured to SSH port 22 (MyIP) Custom TCP Rule port 3307 (myIP) and HTTPS port 443 (MyIP). I am currently trying to connect through MySQL workbench. I am using the endpoint of "RDS_URL" :3307 and inputting my username and password. Every time I try to connect, I get this error:
Can't connect to MySQL server "-RDS_URL-" (10060)
Any suggestions?
Default MySQL port is 3306, In RDS you can't change it but in datacenter hosted DB, you can change by changing in my.cnf file and restart it. Before doing it open the port from firewall rules.
I am trying to access my rds mySql db via 443 only instead of 3306.
After enabling the ssl option on workbench and entering the path to the mysql-ssl-ca-cert.pem I tried to disable tcp 3306 on my security group to insure it connects using 443 but it doesn't.
I can connect using the mysql command line below but yet again it fails once i disable tcp 443 on the security group
mysql -h myinstance.c9akciq32.rds-us-east-1.amazonaws.com --ssl_ca=rds-ssl-ca-cert.pem
Amazon documentation states:
The SSL support in Amazon RDS is strictly for encrypting the connection between your client and your DB instance; it should not be relied on for authenticating the server.
Does this mean that I can only ever authenticate to mysql db over 3306 and not 443, but the data will be encrypted in transit?
My issue is that my customer won't open 3306 outbound on their firewall but 443 is of course opened. Any help appreciated.
You are confusing SSL and HTTPS. Port 443 is the default port for HTTPS connections. MySQL uses 3306 instead (and can use SSL over this port or any other to encrypt the connection). So, setting up SSL encryption for a MySQL connection doesn't affect the used port.
In order to use a different than the standard port you have to reconfigure the MySQL server, which you probably cannot do with an RDS instance.
It is possible to use tunneling to avoid the default port. In this scenario you have to open an SSH tunnel (MySQL Workbench can do that for you or you use an external program like putty on Windows or ssh on *nix like OSes). With that tunnel in place (which uses port 22 by default but can be configured for any other port if that matters for you) you can then forward access from a local port (here 3306, but can be any) to a remote port (can be any as well). This requires an SSH server on the remote end however.
I'd like to connect to MySQL (deamon is running on my VPS) via HeidiSQL. I've created new user, commented bind-adress option and when I try to connect with it via HeidiSQL, I've got an error 2003: Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (10061).
What should I do?
It could be a number of factors.
See if a firewall is blocking your traffic to the other host
Can you simply ping the host from the client machine?
Can you also open a simple telnet session to the host on port 3306 ?
(If the telnet is accepted, you will probably see some characters appear and you will remain in the telnet session for a few seconds before the connection is closed. If not accepted, you will see the message Connection refused.)
There's a simple checklist for this:
Is your MySQL server bound to "localhost" only? It might be listening for connections only on 127.0.0.1 or ::1 instead of any which is usually 0.0.0.0. Try connecting on your server to your server with mysql --host=host_ip where host_ip is your network IP address. I think the default is localhost-only.
Is port 3306 firewalled? Many distributions allow only SSH by default, so you may need to open this up to your client machine. Try not to open this up to everyone on the internet as having an open MySQL port is asking for trouble. It's always best to limit access to a set of specific IPs if possible.
Can you connect via an SSH tunnel instead? This is far more secure as it means your 3306 port is properly firewalled. There are many tools for creating SSH tunnels, but the basic principle is to forward a local port of your choosing to the remote server's port 3306.
New to connecting to databases and have no clue to where to begin to troubleshoot -
I am currently using HeidiSQL to connect to an external Mysql Database Server hosted on the Amazon Web Service - EC2.
I am able to access the database using HeidiSQL with the settings:
MySQL (SSH tunnel)
Hostname/ip: 127.0.0.1
user: (user)
password: (pw)
port 3306
in SSH tunnel tab:
plink.exe location is set to putty.exe
sshhost + port: (my host ip) port 22
private key file: (is set)
local port: 3307
Using this configuration I AM able to log into my database.
My problem is when I am trying to do it using my own putty commands using the port forwarding:
In Putty:
I set SSH>tunnels - source port: 3307, destination (my host ip):3306
Local and Auto.
I connect using my passwords and hostip
Back to HeidiSQL, I put my settings to:
MYSL (TCP/IP)
hostname: localhost
user: (user)
password(pw)
port 3307
and try to connect. I get the following error:
SL ERROR (2013): Lost connection to MySQL server at 'reading initial communication packet', system error: 0
From what I have read, this means my ssh tunnel is working but something else is wrong. I am now at a loss on why this doesn't work. Am i not setting something else up properly? Firewalling myself? My ultimate goal is to hook up another application to communicate with the database using ODBC orJDBC using the same port forwarding idea. Are there logs to check somewhere?
You must set
AllowTcpForwarding yes
PermitTunnel yes
in /etc/ssh/sshd_config
It seem's like your're trying to do this:
http://realprogrammers.com/how_to/set_up_an_ssh_tunnel_with_putty.html
It should work. I assume the ssh server and mysql server are running on the remote machine.
In Putty: I set SSH>tunnels - source port: 3307, destination (my host ip):3306 Local and Auto. I connect using my passwords and hostip
It should be: set SSH>tunnels - source port: 3307, destination 127.0.0.1:3306 Local and Auto.
heidisql: MYSL (TCP/IP) hostname: localhost user: (user) password(pw) port 3307
Notice that if you have a MySQL service running on your local machine, on the port your trying to listen (3307 ) you'll get a 2013 error, even if the local service is down! In that case, use any arbitrary unused port.
Also, if the remote mysql server has the user table (mysql database) restricted to certain hosts this won't work. Unless you find out how the server recognize himself (computer name) and add him on the user table or simply you use the '%' wildcard.
Follow below steps it solved my issue while connecting to Live server:
Find your IP (Google - what is my ip).
Go to C-Panel of your Live Server.
Go to Remote MySQL in C-Panel.
Add IP address that you got from Step 1 and save it.
Now try to connect through Heidi SQL.
Please let me know if it helped.