I have a MySQL database on another computer and I want to be able to connect from other computers (even computers on different networks). I did the following
MySQL
CREATE USER 'username_here'#'%' IDENTIFIED BY 'password_here';
then
GRANT ALL PRIVILEGES ON *.* TO 'username_here'#'%';
FLUSH PRIVILEGES;
I also commented out bind-address in the my.ini file (I have windows)
Then in the Java application (that utilizes the MySQL database) I did
jdbc:mysql://public_ip:3306/database_name
I used my public ip address in the jdbc url.
Finally, I opened port 3306 in firewall. But I am not able to connect to the database remotely. What other things do I need to do to connect?
First of all: Do not public post your real ip address and port and also say that you opened the firewall. Perhaps hackers now find it too easy to hack, but you can not rely on that ;-).
To your problem: Perhaps you configured your mysql to listen at localhost 3306 and not to your public ip address. Please enter netstat -ltn in your shell. If there is a line
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN
and none with the public host address then you only have access from inside the network. Then, you have to configure your host adress in your mysql ini file. (just replace 127.0.0.1 or localhost by your ip address.
FYI : It is a very bad idea to have a publicly open port to your database server, specially MySQL default(3306) port. You are just inviting people to try to break into your database.
To access MySQL remotely, follow below steps :
1) Comment out following lines in my.cnf file.
#bind-address = 127.0.0.1
#skip-networking
2) Restart mysql server.
net stop MySQL
net start MySQL
If you got The service name is invalid then Open task manager => Click Service button => search MySql service => Restart
Remotely connect with mysql :
mysql -h HOST -u USERNAME -pPASSWORD
You can also check the open port with nmap command :
nmap -PN Ip_address
Note : Mask your ip address in your question.
MySQL Java Connectivity :
Class.forName("com.mysql.jdbc.Driver");
// Setup the connection with the DB
Connection connection = DriverManager.getConnection("jdbc:mysql://publicIpAddress/dbName?",
sqluser,password);
Related
I have tried suggestions in what seems like every post about this topic and none of them have worked for me, so I'm posting my own in case anyone spots anything that I missed.
I'm migrating a wordpress site into a LEMP (ubuntu, apache) stack instance on Digital Ocean, and I need temporary access to the database via MySQL Workbench or something similar on my local machine. I'm planning to turn it off once the migration is done. However I am having a very weird issue I can't figure out the cause for.
If I attempt to sign into the sql instance using
mysql -u user -h my.ip.address -p
I can get access from my local machine just fine.
I can also SSH into the server itself via terminal just fine, I have it set up in my ssh config file using the same ip address and the same user and ssh key i'm attempting to use for my workbench connection.
However doing the same via an SSH connection on workbench I constantly get the error:
Authentication failed, access denied.
Failed to connect to MySql at my.ip.address:3306 through ssh tunnel at user#127.0.0.1 with user mysqluser
Things I've done to attempt to rectify this:
set bind-address in mysql config to 0.0.0.0 on the server and restarted server's mysql
set bind-address in mysql config to my.ip.address on the server and restarted
allowed tcp connection
allowed connection via ufw firewall to 3306 and 33060 ports
created a mysql user with all privileges granted for 'localhost', '%', and '0.0.0.0' hosts
tried sshing in as root user
tried using the root user for the mysql user
I am probably missing some things on that list as I feel like I've tried a million things already!
I even have a different server on a LAMP stack (not LEMP) that I set up a few days ago and was able to gain access to the mysql db on workbench by following the same steps, and even attempted backtracing and copying what I did on the LAMP server, but no go.
I checked to see the netstats of the mysql instance and match the port and the ip and that didn't work, I made sure the port of the SSH was correct, nothing is working.
Does anyone have any tips? I've been using all of the "allow remote mysql connection on digital ocean" articles and questions i can find but nothing is working.
Here is my Workbench connection config at the moment but i have tried what feels like every iteration of it i could think of (re users, passwords, IP addresses, and ports)
SSH Hostname: my.ip.address
SSH Username: user
SSH Password: user-password (also tried empty, since i have a key)
SSH Key File: same key file i use to ssh on terminal
Mysql Hostname: 127.0.0.1 (also tried my.ip.address)
MySql Server Port: 3306 (also tried 33060)
Username: MySqlUser
Password: MySqlUser-Password (works when connecting to mysql via terminal)
As the title says I want to connect remotely to mysql and it is on windows server but I got this error message.
Cant connect to mysql server on X.X.X.X
I am tring it with HeidiSql
I have MariaDB installed.
Also I can connect to server using remote connection.
Server is running and can connect to mysql localy
What have I tried:
I located my my.ini file and checked that I dont have one of these commands:
Skip-networking
bind-address = some IP
I didnt have them there in the first place
I logged in my MariaDB terminal and granted all permisions to user using this:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'192.168.100.%'
IDENTIFIED BY 'my-new-password' WITH GRANT OPTION;
I have added port 3306 to windows firewall
I guess it is worth mentioning that I cant ping that server either
if I do
ping X.X.X.X
it returns:
Pinging X.X.X.X with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for X.X.X.X:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
I have spent many hours on forums and tried all instructions but still cant connect.
Any help would be much appreciated!
The detailed problem can be from two different causes:
First option:
MySQL is binded to 127.0.0.1 or no ip at all. Check netstat on windows cmd for locating 3306 port opened to mysql process and binded to your network LAN interface or 0.0.0.0 (not to loopback / 127.0.0.1 // ::1)
For check netstat, use netstat -a -n -o, you can see in the response the PID of the process too.
For check MySQL is working on the same machine, try to connect from local console using mysql -h 127.0.0.1 (for localhost connection) or mysql -h (your LAN IP) (If you have mysql binded only to your LAN IP address).
Second option:
If first test are OK. Maybe windows firewall is not configured correctly. Try to disable windows firewall (double check disabling it). The error response on your question are because windows firewall are active and blocking connections. When you have verified you can reach 3306 with firewall off, enable it and configure. Check always you're opening the port on the required network profile (Remember, windows firewall can have different rules for private / public connections).
For check firewall correctly configured, try to access to the 3306 port on the computer from another comp on the LAN.
If you have a huge LAN network with VLANs and similar technologies, check your routing topology. Also, remember always for initial checks, disable windows firewall. Your ping are failing because firewall are enabled.
In Google Compute Engine, LAMP installed using 'click to Deploy'. I have enabled ALLOW HTTP,HTTPS traffic also in the API console.
I couldn't connect MySQL via Toad. I tried the following Connection Type 1.SSH, 2.TCP, 3.SSL.
Refer this image:
.
I got issues while connecting through any of these three connection types. How to connect MySQL(created using GCE) via Toad?
I used SSH keys also, is there any specific method to connect to this mySQL created via GCE?
My remote server my.cnf file
If you want to connect to Mysql from a remote PC with Toad:
1) Add a firewall rule in the Developer Console Compute Engine network page to allow tcp:3306 (mysql port) to your IP or to everyone (0.0.0.0/0, easier but not secure) and then use Toad TCP connection.
2) Check that mysql user accepts connections from your IP or from every IP (%) or create a new mysql user. You can connect to instance in SSH and give the following commands to create a new Mysql user:
mysql -u root -p
then create user (change 'newuser' and 'password' according to your needs) :
CREATE USER 'newuser'#'%' IDENTIFIED BY 'password';
Grant user permission:
GRANT ALL PRIVILEGES ON * . * TO 'newuser'#'%';
FLUSH PRIVILEGES;
exit;
If connection still fails:
3) Check that mysql is listening on all IP addresses, for Debian see in /etc/mysql/my.cnf and change bind-address to :
bind-address = 0.0.0.0
and restart mysql:
/etc/init.d/mysql restart
Hope this helps.
Sincerely,
Paolo
Id try to access mysql from another server in the same network and project to help narrow down where your requests are getting blocked. If you can access mysql from another instance then it could be your firewall rules.
Also, does debian have iptables or another software firewall enabled by default?
Im trying to allow remote accecss to MySQL on my Ubuntu server (VPS).
Im trying to access the database through an Java application Im building in Netbeans. Netbeans kick the following error message, when trying to connect:
Cannot establish a connection to
jdbc:mysql://xx.xxx.xxx.xxx:3306/xxxxxx?zeroDateTimeBehavior=convertToNull
using com.mysql.jdbc.Driver (null, message from server: "Host
'xx.xxx.xxx.xxx' is not allowed to connect to this MySQL server")
I have followed this guide when trying to connect to my MySQL server through Netbeans: https://www.youtube.com/watch?v=Fk2EkBs-Oq4
MySQL
MySQL running on standard port 3306.
In /etc/mysql/my.cnf I have comment out the following row:
bind-address = 127.0.0.1
So no bind-address exist in my my.cnf -file.
UFW
I have UFW installed on my server. ufw status numbered looks like this:
To Action From
-- ------ ----
[ 1] 22 ALLOW IN Anywhere
[ 2] 80/tcp ALLOW IN Anywhere
[ 3] Anywhere ALLOW IN MY-IP-ADDRESS*
[ 4] 3306/tcp ALLOW IN Anywhere
[ 5] 3306/tcp ALLOW IN MY-IP-ADDRESS*
[ 6] 22 (v6) ALLOW IN Anywhere (v6)
[ 7] 80/tcp (v6) ALLOW IN Anywhere (v6)
[ 8] 3306/tcp (v6) ALLOW IN Anywhere (v6)
*MY-IP-ADDRESS = The ip address I have "out" to the internet, which I recive from: http://whatismyipaddress.com/
What am I doing wrong and why cant I connect?
EDIT:
The thing is that if i bind in my.cnf I can only bind one IP. I need localhost access for my live websites running on the vps and also access from my dev-computer (which this thread is aiming). My thoughts was to remove bind in my.cnf to allow all and then grant access through my firewall UFW to localhost and my dev-computer.
if you want to use Connect via PuTTY and tunnel
look at the bottom of this answer
I assume you have a mysql administration tool.
The following will look depending on the tool used linux or something else, but work the same.
Login there and go into the user administration.
If you have installation a normal Mysql, then there should be only root without a host.
From the moment when you have created a localhost, then Mysql assume that you want to manage multiple hosts.
Create a existing host. A computer name exists in your network. Here root#dxxxxx-p. This should be created under the root user.
That's not all now you still have all your tables grant permissions.
Here pricelist has no assigned permissions
But sample has all permissions
With multiple host administration is for example.
A computer with two accessible names
myComp1 : IP 192.168.0.101
localhost : IP 127.0.0.1
If you now connect on the same computer with "mysql -h localhost -u root ...." you get the permissions you have assigned to localhost.
You might think because localhost and myComp1 is the same computer.
Now automatically myComp1 has the same permission as localhost .
But this is not so. So be careful.
Connect via `PuTTY` and tunnel
when you connect you with PuTTY, everything described above is not necessary.
With tunnel you connect as root#localhost on the ubuntu server.
Localhost is here somewhat misleading because it does not relate to your windows computer but on the localhost on the ubuntu server.
Access Your MySQL Server Remotely Over SSH
So you’ve got MySQL on your web server, but it’s only opened to local ports by default for security reasons.
If you want to access your database from a client tool like the MySQL Query Browser or Netbeans , normally you’d have to open up access from your local IP address… but that’s not nearly as secure.
So instead, we’ll just use port-forwarding through an SSH tunnel, so your MySQL client thinks it’s connecting to your localhost machine, but it’s really connecting to the other server through the tunnel.
Go to SSH->Tunnels
After clicked Save
Make sure that the MySQL server are off on the Windows computer.
I'm using MySQL System Tray Monitor.
With a right click, I see all the options.
click Open
If you have done all the settings for SSH on ubuntu right, that should appear here. (If NOT Search for Ubuntu SSH and Putty on the web)
Do not forget: Now that you've logged on ubuntu server you have all the right as root#localhost on the server itself, since root#localhost has all rights, you need not create a host and create permissions to schemas
Now on your windows computer open MySql Query Browser
Now connect to localhost (remember this localhost means localhost on ubuntu)
You can use in Netbeans the same settings to connect to Mysql on Ubuntu
Mysql Query Browser opens you can work on your Databases on UBUNTU
Netbeans
After closing New Connection Wizard
A new connection is created with all Databases On Mysql Ubuntu.
Change
bind-address = 127.0.0.1
To
bind-address = YOUR-IP-ADDRESS*
You need to grant access to that database :
GRANT ALL ON foo.* TO bar#xxx.xxx.xxx.xxx IDENTIFIED BY 'PASSWORD';
And also updated the firewall rules something like :
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
We have a MySQL server in one of the remote Virtual Machine (Windows Server 2008). Till yesterday we were able to connect to the MySQL server, with the help of workbench installed in our local machine.
Yesterday there was a restart to the machine which has the Virtual Machine installed. After that we are unable to connect to MYSQL. Though I can ping and remote connect this particular VM. I can even execute the queries inside the workbench installed in the VM.
I am not too good at networking or security related stuffs. Please help me to solve this issue.
Error :
Your connection attempt failed for user 'root' from your host to server at ABC:3306: Can't connect to MySQL server on 'ABC' (10060)
Really this could be a magnitude of possible reasons, hopefully this is a start:
Check basic network
From the MySQL virtual machine open up a command prompt and type IPCONFIG /ALL. This will show you all the IP addresses bound to different network adapters.
Check that the IP address you're connected to is listed there, the virtual machine might have got a new IP from DHCP rather than having a static IP after its restart.
Hostname vs IP
You should check the hostname resolution, from your quoted error it would suggest you are you are connecting to a hostname rather than a server IP. Check your machine can resolve to the hostname using the correct IP address - it could also be worth changing the hostname for the actual IP of the server in the connection string.
MySQL config file
You've said you're running MySQL on Windows, it was customary to rename the my.cnf to my.ini. The configuration file for older versions of MySQL previous to 4.1.5 was usually stored in either c:\my.ini or c:\windows\my.ini. For versions after this the default location is the installation directory usually %PROGRAMDATA%\MySQL\MySQL Server xxx.
When you have located the configuration file please open it on Notepad (or similar text editor), locate the [mysqld] section and make sure that port= the port you're trying to connect to and bind-address= the IP address you're trying to connect to.
Server ports
From the MySQL virtual server open a command prompt and type netstat –ano, this will show you a list of processes and what IP's / ports they are listening on. The MySQL server should be listed here and should be listening on the same port and IP as the config file defines.
Windows firewall
You should have a firewall rule to allow MySQL, the following will add one on the default port of 3306
netsh advfirewall firewall add rule name="MySQL Server" action=allow protocol=TCP dir=in localport=3306
Identify if this is machine specific
You could setup the MySQL Workbench application on another workstation and try to connect to identify if this is a global problem or just one related to your specific workstation.
mysql administrator of your database should allow remote connection to the mysql server.
change this in my.cnf:
bind-address = 127.0.0.1 # this shoul be your mysql server ip
and comment this:
# skip-networking
Chances are that your configuration was set up for an IP that has changed. By default, mysql won't let you connect from remote hosts unless you explicitly give permissions for a specific user on a specific schema or a group of schemas, for example if you did something like this:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'1.2.3.4' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Maybe what you actually did was to set the grant onto your own IP address, that is the address of your local machine, and if your local machine (not the remote server) has changed it's IP address, then mysql will not let you connect unless you have the "1.2.3.4" IP address which obviously you don't have anymore if you have a dynamic IP address (common with DSL/Cable connections)
So connect through SSH or Telnet or whatever you use to your windows server and go to mysql as root and do this:
SELECT * from information_schema.user_privileges;
That will show you the grants on all users and how they are allowed to connect. If you don't see your local IP Address listed there or a wildcard (which would allow you to connect from any remote machine to the server) then you have to set it up like this:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Where USERNAME of course is your user. See that after the on there is a wildcard / dot /wildcard that means you want that user to be able to connect to any schema (database, for mysql) from any user from any network. But I'd recommend that you only do the grant for the user for the specific schema you need to connect to.
Then after that, if you actually had the right information and still can't connect than use a portscanner like nmap or something like that to do a port scan and see if mysql is:
Open and listening to external network
Running on the port that you actually want to connect through
If 1 is true, then check 2 because maybe there is a misconfiguration of the port. But if any of these 2 points do work then it sounds definitely not like a network configuration but a user setting or something else.
GRANT ALL ON *.* to user#'%' IDENTIFIED BY 'password';
this command should do the trick for all users #Gustavo Rubio has already given the proper explanation.
To ensure what ports are open run cmd in the virtual machine and type.
netstat -a
TCP 127.0.0.1:3360 Hostname:3360 LISTENING
The my.cnf is located Mysql-install-path\MySQL\MySQL Server xxx make sure you backup original before changing
Can't connect to [local] MySQL server
Testing The MySQL Server Installation on Microsoft Windows
MySQL Workbench: Manage MySQL on Windows Servers the Windows way
For the first time you need to test and make sure your connection to mysql is not blocked by the firewall.
To disable the firewall on each host in your cluster, perform the following steps on each host.
1. Save the existing iptables rule set.
iptables-save > /root/firewall.rules
2. Disable iptables.
For RHEL, CentOS, Oracle, and Debian:
chkconfig iptables off
and
/etc/init.d/iptables stop
For SLES:
chkconfig SuSEfirewall2_setup off
and
rcSuSEfirewall2 stop
For Ubuntu:
service ufw stop
https://www.cloudera.com/documentation/enterprise/5-7-x/topics/install_cdh_disable_iptables.html
Depends on your setup, but if you're using cPanel just go to RemoteMYSQL and enter your host. You can also use a wildcard. Below worked for me when I was getting the error
"Could not connect to DB server '' as user ''. port : Host '' is not
allowed to connect to this MySQL server"
On MySQL v5.6 this may be the case.
When another server communicate by advertising its hostname instead of IP address, the resolution might fails (because your user is using IP address instead of hostname for example).
So, you need to disable the following,
skip-host-cache
skip-name-resolve
Or maybe create the user with appropriate hostname (instead of IP address). You may find the hostname when establishing the connection to the remote MySQL.