mysql not connect from remove pc installed on Amazon EC2 - mysql

I have just created one instance on Amazon EC2 for CentOs, and installed mysql on it with root user (password is blank). Then I had created another user for me to connect this instance from remote pc (my local pc). for that I had run following command on terminal one by one.
CREATE USER 'demouser'#'%' IDENTIFIED BY 'demopassword';
GRANT ALL PRIVILEGES ON *.* to 'demouser'#'%';
FLUSH PRIVILEGES;
Then I wrote following line in /etc/my.cnf under [mysqld] section
bind-address=0.0.0.0
Then restarted mysql with following command
sudo /sbin/service mysqld restart
Still, It is not allowed to connect that instance from my local pc. I don't understand what is the problem? I had checked and confirmed that rules on Amazon Security Groups are set properly. (e.g. port 3306 & 22 set to 0.0.0.0 ip address, means any ip address can connect using both ports).
Can someone saw me the mistake of mine?

Slowed
I ran following command to update ipaddress in centos terminal;
sudo iptables -I INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
and It's getting connected... !!!!

Related

MySQL remote access on Ubuntu 16.0.4

The followings are commands which I have executed on Ubuntu.
$ mysql -u root -p
mysql>GRANT ALL ON my_database.* TO user#'MY_REAL_IP' IDENTIFIED BY 'passwd';
$ sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf
#bind-address = 127.0.0.1
$ sudo ufw enable
$ sudo ufw allow 3306
$ service mysql restart
But when I use another computer on Ubuntu to access mysql on MY_REAL_IP type:
$ mysql -u user -p -h MY_REAL_IP
Can't connect to MySQL server on 'MY_REAL_IP'
how to fix it? thx
I guess bind-address should be 0.0.0.0. If you would like to access this server with real IP address. Or, you can access MySQL with simply localhost.
Would you please change bind-address = 0.0.0.0, and restart MySQL ?
EDIT
It looks there is no network connectivity. Please find the way to connect server with port 3306. How to make sure that firewall is off?
You may misunderstand the grand command, user#host means the user can login from host, which in your case, should be another computer's ip, or just use * for all ips
Exact path on Ubuntu 16.04
/etc/mysql/mysql.conf.d/my.cnf
bind-address = 0.0.0.0
service mysql restart

Mysql: Connection refused ERROR: 111

I can't connect to my server when I use a remote IP address.
Localhost is working fine.
Some info:
OS: Ubuntu 16.04
Database: MariaDB
Port 3306 is open
User has remote (%) access.
I've changed bind-address in 50-server.conf to bind-address = 0.0.0.0 and I tried commenting it out. none of them worked. Also tried putting bind-address = 0.0.0.0in my.conf under a [mysqld] grouptag. After every change I restarted Mysql and tried to connect with this command mrsql -u root -h xxx.xxx.xxx.xxx -p. It works fine for localhost, but does not work when I try my servers IP.
How do I solve this problem?
After days of surfing and trying all the solutions given in stackoverflow, I finally managed to establish connection to mysql or Mariadb remotely.
Here is the solution for accessing mysql db from a remote machine:
Firstly, In your /etc/my.cnf or whatever location my.cnf is located in your machine:
bind-address= THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED
# skip-networking ( This will allow TCP/IP connection)
Secondly, Make sure there is no ip's in /etc/hosts.deny ( This can be root cause for connection in many cases)
> Important:
> 1. restart mysqld = systemctl restart mysqld ( Ubuntu might have diff cmd)
> 2. check status = systemctl status mysqld ( Ubuntu might have diff cmd)
> 3. check port and ip on which mysqld is running = netstat -tlnp It should be running on THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED: 3306 ( Ubuntu might have diff cmd)
Thirdly, Create a user with ALL privileges like :
> GRANT ALL ON db_name.* TO username#THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED IDENTIFIED BY 'password';
> FLUSH PRIVILEGES;
LASTLY, if using workbench or any other client to establish connection. Enter values as:
> HOSTNAME= THE_HOST_IP_ON_WHICH_MYSQLDB_IS_INSTALLED
>username=username
I hope this helps any of my fellow users!

Unable to connect remotely to MySQL Database

I'm currently trying to setup a remote connection to a mysql database. I've done this before, and wrote down some steps to follow for next time, but I can't seem to get this one working. Here's the process I've taken so far.
For the purposes of this question, we'll say that my DB is at ip 100.100.100.100 and the remote host I'm trying to connect from is 100.100.100.200.
Ubuntu Server using Mac OSX terminal:
MySQL is installed, and I've logged in as the root
I've edited my /etc/mysql/my.cnf file to look like this
bind-address = 100.100.100.100
there is no --skip-networking field in my file
Restart mysql
create a new user and grant privileges
CREATE USER 'user1'#100.100.100.200
GRANT ALL ON . to 'user1'
then I update the iptables
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
after all this is finished, I log out of mysql, and try to connect from the remote server with the new user
while on ip 100.100.100.200
mysql -h100.100.100.100 -uuser1
and I get this error message
ERROR 2003 (HY000): Can't connect to MySQL server on '100.100.100.100' (110)
is there something I've missed in the process, or could it be something with the servers firewall? I've been scouring the internet for hours trying to figure this out, so the next step was to ask a question. Thanks in advance for any help you can give!
Man that was a pain.
The problem was in the iptables. I simply restarted the server and re-ran the iptable command.
Restarting the server clears all the iptable rules unless they have been explicitly saved.
Here's the resource I used to find out more about iptables.
https://www.digitalocean.com/community/articles/how-to-set-up-a-firewall-using-ip-tables-on-ubuntu-12-04
sudo reboot - restart the server
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT - add rule to iptables
Not sure what was going wrong, but after a restart and a reinsert of the rule, everything worked like a charm.

Connecting to MySQL from Workbench

MySQL remote access
I have a mysql database, running on Ubuntu Server 12.04 that I need to access remotely. For some reason this is become much more of a chore than I think it should be.
I have been through countless threads trying to resolve this issue with no luck what so ever. I do not have another linux box to test my connection. I am only using the MySQL Workbench from a Window 7 machine.
Here is what I have done so far:
set the iptables to accept
set the my.cnf to have the bind address of the server
created a user for both localhost and %
grant all to those users
restarted mysql
verified the user has all priv
verified mysql is listening on 3306
give the correct setting to Workbench and I get
"Your connection attempt failed for user 'USER' from your host to server at x.x.x.x:3306:
Can't connect to MySQL server on 'x.x.x.x' (10061)"
EDIT: I did notice that it show 'localhost and NOT the ipaddress when I run this cmd, but i'm not sure how to change that, or if it is even the issue. Thoughts?
# lsof -i -P | grep :3306
mysqld 5775 mysql 10u IPv4 154265 0t0 TCP localhost:3306 (LISTEN)
vim /etc/mysql/my.cnf
Change the following line to reflect as below:
(bind-address = 127.0.0.1)
bind-address = 0.0.0.0
Close the file then and restart mysql
To verify that mysql port 3306 is listening on all interfaces:
netstat -lnt | grep 3306
You should see this:
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
Find mysql config file (/etc/mysql/)
comment out the following line by putting a hash character in front of it as shown -> #bind-address = 127.0.0.1
-> Restart the server: sudo service mysql restart

ERROR 2003 (HY000): Can't connect to MySQL server (111)

This question is related to the following questions:
Can't connect to MySQL server error 111
Trying to connect to remote MySQL host (error 2003)
I am configuring a new MySQL (5.1) server on my local machine. I need to provide remote access to the database. I did the following steps:
Comment bind-address in my.cnf:
# bind-address = 192.168.1.3
Grant privileges:
GRANT ALL PRIVILEGES ON *.* TO 'nickruiz'#'%' IDENTIFIED BY PASSWORD 'xxxx';
Set port forwarding on router (TCP and UDP, port 3306, 192.168.1.3)
Configure iptables for firewall
sudo iptables -I INPUT -p udp --dport 3306 -j ACCEPT
sudo iptables -I INPUT -p tcp --dport 3306 --syn -j ACCEPT
sudo iptables-save
Restart mysql server sudo /etc/init.d/mysql restart
When testing, I get the following:
LAN:
mysql -h 192.168.1.3 -u nickruiz -p
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 95
Server version: 5.1.63-0ubuntu0.11.04.1 (Ubuntu)
Remote:
mysql -h 1xx.xx.4.136 -u nickruiz -p
ERROR 2003 (HY000): Can't connect to MySQL server on '1xx.xx.4.136' (111)
Clearly there's something wrong that's preventing me from being able to use my global IP address.
Notes:
I've tried testing the remote connection on the same machine and also
via SSH from a remote machine.
I'm not sure if my ISP has given me a static IP.
Any ideas?
Update:
telnet doesn't seem to be working.
telnet 192.168.1.3 3306
Trying 192.168.1.3...
Connected to 192.168.1.3.
Escape character is '^]'.
E
5.1.63-0ubuntu0.11.04.1,0g8!:#pX;]DyY0#\)SIConnection closed by foreign host.
Please check your listenning ports with :
netstat -nat |grep :3306
If it show
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
Thats is ok for your remote connection.
But in this case i think you have
tcp 0 192.168.1.3:3306 0.0.0.0:* LISTEN
Thats is ok for your remote connection.
You should also check your firewall (iptables if you centos/redhat)
services iptables stop
for testing or use :
iptables -A input -p tcp -i eth0 --dport 3306 -m state NEW,ESTABLISHED -j ACCEPT
iptables -A output -p tcp -i eth0 --sport 3306 -m state NEW,ESTABLISHED -j ACCEPT
And another thing to check your grant permission for remote connection :
GRANT ALL ON *.* TO remoteUser#'remoteIpadress' IDENTIFIED BY 'my_password';
errno 111 is ECONNREFUSED, I suppose something is wrong with the router's DNAT.
It is also possible that your ISP is filtering that port.
Check that your remote host (i.e. the web hosting server you're trying to connect FROM) allows OUTGOING traffic on port 3306.
I saw the (100) error in this situation. I could connect from my PC/Mac, but not from my website. The MySQL instance was accessible via the internet, but my hosting company wasn't allowing my website to connect to the database on port 3306.
Once I asked my hosting company to open my web hosting account up to outgoing traffic on port 3306, my website could connect to my remote database.
/etc/mysql$ sudo nano my.cnf
Relevant portion that works for me:
#skip-networking
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = MY_IP
MY_IP can be found using ifconfig or curl -L whatismyip.org |grep blue.
Restart mysql to ensure the new config is loaded:
/etc/mysql$ sudo service mysql restart
I had the same problem trying to connect to a remote mysql db.
I fixed it by opening the firewall on the db server to allow traffic through:
sudo ufw allow mysql
if the system you use is CentOS/RedHat, and rpm is the way you install MySQL, there is no my.cnf in /etc/ folder, you could use:
#whereis mysql
#cd /usr/share/mysql/
cp -f /usr/share/mysql/my-medium.cnf /etc/my.cnf
I have got a same question like you, I use wireshark to capture my sent TCP packets, I found when I use mysql bin to connect the remote host, it connects remote's 3307 port, that's my falut in /etc/mysql/my.cnf, 3307 is another project mysql port, but I change that config in my.cnf [client] part, when I use -P option to specify 3306 port, it's OK.
i set my bind-address correctly as above but forgot to restart the mysql server (or reboot) :) face palm - so that's the source of this error for me!
Sometimes when you have special characters in password you need to wrap it in '' characters, so to connect to db you could use:
mysql -uUSER -p'pa$$w0rd'
I had the same error and this solution solved it.
I had this same error and I didn't understand but I realized that my modem was using the same port as mysql. Well, I stop apache2.service by sudo systemctl stop apache2.service and restarted the xammp, sudo /opt/lampp/lampp start
Just maybe, if you were not using a password for mysql yet you had, 1045 (28000): Access denied for user 'root'#'localhost' (using password: YES), then you have to pass an empty string as the password
Not sure as cant see it in steps you mentioned.
Please try FLUSH PRIVILEGES [Reloads the privileges from the grant tables in the mysql database]:
flush privileges;
You need to execute it after GRANT
Hope this help!