Connecting to Remote MySQL DB over ssh with workbench - mysql

I'm trying to connect to a remote DB with MySQL Workbench over SSH. The remote DB I'm trying to connect to has firewall which is private key protected (I have coverted this to OPEN SHH). I keep getting an error when I try to connect, I'm just a little confused on what is the information of the DB I should be using. I consistently see people use localhost and the DB changed intermittadely at the same point in different questions. My set up is currently that I have to connect to the server of the firewall(check) now there are multiple VMs running I wish to connect to e.g. 192.1.91.0. I have also a port set up to this on putty( I don't know if this is relevant) on localhost 5000. When I try to connect using 192.1.91.0 port 3306 or localhost 5000. I get the same error. Can anyone help. Attached is an image of the information I put into workbench

I think there are a few misunderstandings here. A firewall is not protected by a keypair. An SSH connection is. The firewall only filters network traffic using specific rules (e.g. only let it pass for enabled network ports). When you use an SSH connection you have to use the MySQL address as seen from the remote SSH connection end. That means if the MySQL server runs on the same machine as the SSH server (which is what you connect to when you use an SSH tunnel) then the address is localhost (or the IPv4/IPv6 loopback address). See my video about connection creation and troubleshooting on Youtube for more details.

To connect workbench with a private database you will need a 'jump host' also called 'bastion host' which can be any EC2 instance in a public subne in same VPC as database.
Follow Below Steps:
Open the security group attached to the database, and add new rule as below:-
Type:MYSQL/Aurora, Protocol:TCP, PortRange:3306,
Source:securitygroupofEC2 (you can all security group by entering
'sg-')
Open the security group attached to the EC2, and make port 22 is open. If not, add a new rule as below:-
Type:SSH, Protocol:TCP, PortRange:22, Source:MY IP
Open Workbench, Click New connection
- Standard TCP/IP over SSH
- SSH Hostname : < your EC2 Public IP > #34.3.3.1
- SSH Username : < your username > #common ones are : ubuntu, ec2-user, admin
- SSH KeyFile: < attach your EC2 .pem file>
- MYSQL Hostname: <database endpoint name> #mydb.tbgvsblc6.eu-west-1.rds.amazonaws.com
- MYSQL Port: 3306
- Username : <database username>
- Password: <database password>
Click 'test connection' and boom done!!

If the MySQL Server is configured to accept remote connections, you can use the servers IP address, but then you don't need to connect over ssh. Once you choose connect over ssh, the workbench creates a portforwarding using the ssh credentials to the specified server. So you have to use localhost as MySQL hostname. Due to the portforwarding, the request will be forwarded to your remote machine. In short: As far as I understand your question, you have to use localhost.

Related

Why can't I connect to my AWS RDS instance?

I am trying to connect with the username, password I've set up with the given host name. I can't connect. I've checked the security group to be configured correctly at PORT allowing incoming from "My IP" which populated my IP there.
What else could I be doing wrong?
When I try to get into the DB using the following command in my terminal:
mysql -h [aws-hostname-endpoint] -P 3306 -u admin -p
I get:
ERROR 2003 (HY000): Can't connect to MySQL server on [aws-hostname-endpoint] (60)
When you setup your RDS instance, also be sure to allow for public access if you want to connect to it from your development machine. SO two things to check:
allow public access for the RDS instance
make sure you inbound rules are setup to allow for a connection from your IP address.
Once you do these two tasks, you will be able to connect via a tool such as MySQL Workbench.
These RDS endpoints are not public (and they shouldn't be), so you can't use them on your computer to connect to them. You could make these endpoints public, but that's not a good idea/design. It's better if you try to connect inside an AWS environment (i.e EC2). Then you can restrict access to that using SSH keys.
We usually create a Bastion server for this purpose to act as a proxy, then you can use an SSH tunnel to connect to the RDS instance. Then all your traffic will be routed through the Bastion server in a secured tunnel.

Connect to remote db with ssh tunneling in DBeaver

I know this question was already asked before (like here), but still I could not find a solution and those posts are quite old.
So I am able to connect to the remote db with an ssh connection and then use the command line like this:
// Putty SSH Connection
host: ssh.strato.de
port: 22
username: xxxxxxx
password: xxxxxxx
// connect to mysql with terminal
mysql -h rdbms -u xxxxxxx -p xxxxxxxx
If I try the same with ssh-tunneling in DBeaver I get an connection error
The ssh-tunneling itself seems to work. If I use the same credentials as above and press "Test tunnel configuration" I get a success message.
I tried several other options for port and host (localhost, rdbms.strato.de, etc), which I found via mysql show variables; show processlist; show user();, but none of them worked.
The Strato Support told me that I can only connect to the db internally with phpmyadmin or remotely wiht putty and mysql, but since the last method is working, shouldn't ssh-tunneling also work?
Dbeaver - Database connection using SSH Tunnel
Open dbeaver
Click on "New Database Connection", in the following "main" window enter the MySQL server host relative to the SSH server, and MySQL running port, my setting is default (localhost, 3306)
specify MySQL user to connect with and user password.
In the "SSH" part, specify the SSH host, port, user also the authentication method used, like SSH private key
Test connection and use.
On shared hosting setups (e.g. IONOS) there might be a restriction when trying to connect to MySQL from external client
https://www.ionos.com/help/hosting/troubleshooting-mysql-databases/connection-and-access-problems-with-mysql-databases/

Access Lightsail Instance's database with MySQL Workbench

I have an Amazon Lightsail Ubuntu multi WordPress site set up with bitnami stack.
I'm looking for a way to access the Instance's database on Amazon Lightsail with MySQL Workbench remotely.
Please note that I do not have a seperate Lightsail database, as I'm trying to do things as cheaply as possible at the moment. So the following guide is not applicable to me.
Connecting to your MySQL database in Amazon Lightsail
According the wp-config.php MySQL database is using localhost:3306
I have static IP address 3.230.xxx.xxx. I have taken the DB username and password from the wp_config.php file.
I've entered the details.
I wonder if anybody else has managed to connect to an Instance's database, rather than a seperate database.
If this is not possible I wonder if there are any suggestions as how to best access this Instance's database remotely.
Found the answer using a similar youtube video which is used to connect to phpMyAdmin.
https://www.youtube.com/watch?v=9VdcQLDmYII
Basically you need to use Putty SSH tunneling in order to connect to the MySQL instance
First I added a new connection in Putty, make sure port 22 is open on
the LightSail firewall
Go to the Connection -> SSH -> Auth tab on the right hand side menu
Enter your SSH key which is downloaded from the Lightsail dashboard,
it will need to be converted in the standard recognised by putty
Go to Connections -> Data tab on the right hand side menu. Add a new
forwarded port we are forwarding localhost:3306 on the server to a
port on our machine 2222
Start the connection via Putty.
Now in MySQL WorkBench go to the connection to database windows.
Enter the port 2222 I entered the DB user and Password from
wp-config.php file and was able to successfully connect.
Also found a second method
Within the MySQL Workbench you can change the connection method to `Standard TCP/IP over SSH'. Gave the SSH key and the relevant details on connection was accepted
Here is what you need to remotely connect MySQL on Lightsail.
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-connecting-to-your-mysql-database
There are 3 steps:
get the endpoint link
enable public mode
configure MySQL workbench
Yes I have - after a marathon tech support session with AWS :)
Although the Lightsail firewall may say port 3306 is open, the server instance itself may have its own firewall settings which close it. On my case teh AMI that was used to set up the instance was configured that way
I my case it was Ubuntu but here is the summary of the advice I got from AWS--
We have connected to the instance via SSH using the user-name 'xxxxxx' from terminal.
--
ssh -l xxxxx 34.xxx.xxx.221
Checked and confirmed that mysql is running on the instance.
systemctl status mysql
Confirmed the port on which mysql is running.
netstat -plnae | grep 'pid'
Checked the 'ufw' firewall rules and noticed that 3306 is not allowed.
ufw status
Opened the port 3306 on ufw firewall
ufw allow 3306
After performing these steps you were able to establish connection to your database
hth

Connect to a live database with MySQL Workbench

I've a question to the mySQL Workbench.
I want to connect to the mysql DB at the domain aaa.com. I write at the connection options these dates:
Hostname: www.aaa.com
Port: Which port do i have to write in?
Username: Username of the DB (which is 100% correct)
Password: Password of the DB (which is 100% correct)
Default Schema: Name of the DB (which is 100% correct)
If I click connect there is following error:
"Access denied"
Also you can ssh tunnel:
Create a new connection, select Standard TCP/IP over SSH.
For SSH host name enter your domain aaa.com (the domain you would SSH to).
For SSH username enter your SSH username, so if if you ssh test_user#aaa.com your user is test_user.
Store your SSH password or key files, which ever you use.
The Mysql hostname should be 127.0.0.1 if the mysql server is on the server you are SSH'ing to, else the IP or host name of you Mysql server.
Mysql server user - your mysqsl user.
And your Mysql server password.
This way your database isn't externally acceptable, meaning no one can trying to access it from outside your server on port 3306, but you still have access it through Workbench
Contact your web hosting company to make sure they allow remote connections first. It's disabled by some hosts. Default port will be 3306.
Generally, for security reasons, the incoming connections from external domains will be disabled. Contact your host if that is allowed.
By the way, the default port of MySQL is 3306.
If you have root access to phpMyAdmin, you can see if the port is opened using this tutorial: Install MySQL and enable remote access.

can cakePHP connect to remote database?

I am setting up CakePHP for the first time in order to develop the server side of the website I'm building. I already have a database set up on a remote server. So I want CakePHP to connect to that server. That's not working. I get a notice "Cake is NOT able to connect to the database."
I've tried changing the settings in cake\app\database.php:
persistent: true or false
host: with or without prefix 'http://'
But none of that helps. All the examples I've seen have server set to 'localhost'.
Can anyone tell me if cakePHP can connect to a remote db? Or am I completely missing the point and should I be using the mysql server included in my WAMP set?
You have 2 options
Option 1
Your webhost needs to allow connections to the mysql instance from outside the local network.
Check the manuals for the webhost if you're allowed to change the mysql configuration yourself you may be allowed to accept incoming connections.
Your method only works when the host accepts incoming connections on for example port 3306 which is the default mysql port.
Option 2
If you have SSH access to the remote host, you're able to set up a tunnel.
Which would make you connect to the Mysql Instance though your SSH connection on a local port.
One way you could do this is by using PuTTY.
How to set up a MySQL tunnel in PuTTY
Initiate the connection and keep it alive.
Use the host 127.0.0.1 and port 3306 in your CakePHP Database config.
Username & Password would be your MySQL User Credentials