Permission Error when trying to create tunnel to MYSQL DB - mysql

I'm trying to use putty to create a tunnel to a MySQL DB and then use that tunnel to connect to the DB using workbench. When I start putty and check the logs I get the following error message 2015-10-15 17:55:13 Local port 3306 forwarding to192.100.1.199:3306 failed: Network error: Permission denied
But when I view the sql statement for the port for the mysql DB I get
SHOW VARIABLES WHERE Variable_name = 'port';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| port | 3306 |
The thing is I can connect to 192.100.1.199 VM and the hostname for the DB is also 192.100.1.199. Does anyone why this might fail on permissions.

Sounds like you might already have something locally bound to port 3306. I suggest you use a different local port (say 5000) so you end up with
L5000 192.100.1.199:3306
Then connect via localhost:5000.
Were you able to directly use ssh, you would have seen an error message similar to
bind: Address already in use
channel_setup_fwd_listener_tcpip: cannot listen to port: 3306
Could not request local forwarding.
which is probably a lot more informative than what you were getting out of PuTTY :)

Related

Remote user is not able to connect to mariadb

MariaDB is installed on server with IP 1.2.3.4, new MySQL user has been created on 1.2.3.4 for remote IP a.b.c.d, but while trying to connect MySQL on 1.2.3.4 from a.b.c.d giving error:
ERROR 2003 (HY000): Can't connect to MySQL server on '1.2.3.4' (111
"Connection refused")
Investigation-:
trying to telnet from a.b.c.d to 1.2.3.4 at port 3306 also not working
surprisingly when trying to connect mysql from 1.2.3.4 directly using server IP 1.2.3.4 is also throwing error "ERROR 2003 (HY000): Can't connect to MySQL server on '1.2.3.4' (111)
While trying to connect mysql using mysql -h localhost -u root -p is successfully working.
What we are looking for, we want to connect mysql from a.b.c.d to 1.2.3.4, please suggest what we are missing.
addtional information:
on server 1.2.3.4 /etc/mysql/my.cnf is not present, there exist '/etc/my.cnf'
trying to find solution we are referring link "webdock.io/en/docs/how-guides/database-guides/…" some edit is mentioned to in file "/etc/mysql/my.cnf" which is not present.
Added from comment below
Firewall has been disabled, user has already created, mariadb.log showing error while binding
221215 17:10:12 [ERROR] Can't start server: Bind on TCP/IP port. Got error: 99: Cannot assign requested address
221215 17:10:12 [ERROR] Do you already have another mysqld server running on port: 3306 ?
221215 17:10:12 [ERROR] Aborting
Some points to consider.
Check firewall (port 3306 should be allowed for the remote ip if you are running MariaDB on 3306 port )
The user should exists (which you have) and it should be something like;
user#your_remote_ip
Check bind-address in the configuration file, if it set to 127.0.0.1 it will allow only localhost login.
It is a good idea to check the logs , usually located on /var/log/mysql/ or you could verify from the configuration file where the logs are located
log_error = /var/log/mysql/error.log
Most probably it might be a firewall issue.
Make sure that the port on which the database server is running is not closed and is exposed publicly.
Also check if the database configurations allow binding IP is not only set to 127.0.0.1 but every IP can bind.

can I connect to MySQL on a GCP CE VM instance from Windows MySQL Workbench?

As the title implies, I'm looking to connect from my windows laptop, to a GCP VM instance, in which mysql is running there. The database works fine, and if I go into an ssh client from their cloud connection, I can directly use mysql client and interrogate the DB.
I would like to use my local windows MySQL Workbench app, and be able to perform queries, just like I did in my localhost version I built before porting it up to GCP.
How to do this, (without subscribing to GCP Cloud SQL) and attach to my VM instance's sql?
///////////////////////////////////////////////
from John's comment, here's my net stat output:
netstat -tlnp | grep 3306
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 17007/mysqld
and the 3306 is indeed in the port list in mysql:
mysql> SHOW GLOBAL VARIABLES LIKE 'PORT';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| port | 3306 |
+---------------+-------+
1 row in set (0.01 sec)
so my conclusion is that I need to open the port?
#john:
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1669/mysqld
NAME NETWORK DIRECTION PRIORITY ALLOW DENY DISABLED
mysqlaccess default INGRESS 1000 tcp:3306 False
Telnet test of the port from my laptop:
C:\Users\fumanchu>telnet x.x.x.x 3306
[ 5.7.33-0ubuntu0.16.04.1zzzzzzzz}<[:X'mysql_native_password
Connection to host lost.
attempt to use GUI from MySQL Workbench:
ADDED console GCP log showing my VPC entry is there:
mysqlaccess
Ingress
Apply to all
IP ranges: 0.0.0.0/0
tcp:3306
Allow
1000
Off — —
if you can connect via ssh.
change the connection method
There you can enter the same data as in your previous ssh connction
Per #JohnHanley here is a summary of my issues and steps:
Get a working setup of mysql workbench with a local pc database. This ensures you have the DB, and the connection to a local machine working correctly.
export the database to a remote system, in my case it was GCE linux VM (ubuntu I used) There are many easy steps to follow on exporting the db (mysqldump based)
ensure linux vm has mysql server and client setup, and import the db
now to setup the ssh connection:
ensure the port 3306 is open on the linux vm, by going to the VPC service for your vm/project, and insuring the port is open, or adding a rule to expose port 3306 ingress.
connect to the vm (you should have already done this before step 3), by using the GCE console and connecting to the instance. This also ensures you have the local files on the pc for ssh created. (~/.ssh/google_compute_*)
connect to the VM from your pc. use gcloud console tools to check the next step. if you haven't been using gcloud console tools yet, get them installed open a command / powershell window.
type "gcloud compute ssh "name of instance". if this connects, you now know you have the server properly configured for ssh, and accept external requests.
then setting up mysql workbench is same setup of gcloud ssh request...it can use the same credentials and script, which the helper files exist in the above /.ssh/ folder I referenced.

Remote acess to MySql 5.7 does not working

Hi guys I have a situation where I need that my Web Application, hosted in some other machine, access my local MySql Server Instance. My string connection looks like
mysql://<user>:<password>#<my_ip>:3306/<data_base_name>
However when I try to connect I am getting the error:
Can't connect to MySQL server on '1**.***.**.*7' (111)
Searching a little bit I discovered that it could be due the configuration of bind-address in my.conf file. However in MySql 5.7 there is no need to do that once, when I run the select below I get this:
show variables like 'bind%';
+---------------+-------+
| Variable_name | Value |
+---------------+-------+
| bind_address | * |
+---------------+-------+
Searching a little bit more, I found that it could be due the firewall blocking connection on port 3306. Then I created an inbound and outbound rule for that, but I'm still getting this error and I can perfectly connect to my MySql Server locally.
Besides, I've already seen these posts:
Can't connect to MySQL server error 111
ERROR 2003 (HY000): Can't connect to MySQL server on '127.0.0.1' (111)
How to allow remote connection to mysql
https://serverfault.com/questions/823877/mysql-connection-not-working-with-windows-firewall-on
However none of them solved my problem. Someone can help me out?

unable to connect to remote mysql server aws

I woke up this morning and my frontend server could no longer connect to my mysql server. I have no idea why:
The internal ip of my frontend server is 172.31.X.X.
My db server is configured with firewall inbound rules that allow tcp connections on port 3306 via source 172.31.0.0/16
My frontend server is configured with firewall outbound rules that allow tcp connections on port 3306 to the internal ip address of my db server.
The mysql user I use is mysql_prod. These are the privileges I have granted for that user on the db server:
mysql> show grants for mysql_prod;
+--------------------------------------------------------------------------------------------------------------------+
| Grants for mysql_prod#% |
+--------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON . TO 'mysql_prod'#'%' IDENTIFIED BY PASSWORD '*5B761DF55A90C1E168EC63A3B074A607ECC3B2CA' |
| GRANT ALL PRIVILEGES ON wordpress.* TO 'mysql_prod'#'%' |
What am I missing?
The issue occurred because the mysql bind-address was set to localhost, which prevented remote connections. I'm not too sure how this conf got reset (the app was working fine the night before). Anyways, once I fixed it, it was working fine.

Using an alias for the localhost server in MySQL

When I am at the office, MySQL runs on a specific server which is called "mysqldev". In my /etc/hosts file I have set "mysqldev" to match the IP of this server. So far, so good. However, when I am out of the office using my laptop, I want to use my local MySQL database, as I clone specific databases there and have no internet to connect to the office database. I do not want to change my scripts, but rather my laptop configuration. So on my laptop I have set in /etc/hosts:
127.0.0.1 localhost mysqldev
However, for some reason this does not work as expected. If I log in to MySQL using the server at localhost, all good. But when I try to log in on the mysqldev server (same IP as localhost), I get the error:
Warning: mysqli::mysqli() [mysqli.mysqli]: [2002] Connection refused (trying to connect via tcp://mysqldev:3306)
(this is using PHP, but using the command line it is the same error)
The users that are set up on the system have specific permission to log in on this server:
CREATE USER 'test'#'mysqldev' IDENTIFIED BY '123';
GRANT ALL PRIVILEGES ON testdb.* TO 'test'#'mysqldev';
I have also turned off the firewall to test, and it does not make a difference. What could it be?
The MySQL client library tries to guess how to connect to your database. When you give localhost as the hostname, it assumes, that you're using a local socket (search your computer for a file named mysql.sock, probably under /var/lib/mysql or /usr/local/mysql/.
However, when you use anything else, like an ip address, a different hostname, or, in your case, mysqldev, it tries to connect to the host via tcp. From the error message, it seems as if your local mysql server is not listening on the tcp port 3306 (the mysql default)
Check, if your my.cnf (probably /etc/my.cnf or /etc/mysql/my.cnf) allows the use of tcp. If you find a line like
skip-networking
comment it out:
#skip-networking
and restart the server. Then try again to connect.
To find out, where your socket is, connect through localhost and issue the following command:
mysql> show global variables like '%socket%';
+---------------+-----------------------------+
| Variable_name | Value |
+---------------+-----------------------------+
| socket | /var/run/mysqld/mysqld.sock |
+---------------+-----------------------------+
If you are using MAMP Pro and are running into issues, you can simple uncheck the box labeled "Allow local access only" within the MySQL Server settings.