I get an error on my website (MySQL with TCP/IP connection)
Can't connect to local MySQL server
It sounds easy, perhaps, but not so easy to solve as would seem. At first i verified that mysqld process is running. Then connected to SSH server and started /etc/init.d/mysqld restart, but nothing has changed. Also i checked is the server running, using telnet your-host-name tcp-ip-port-number, just in case, but MySQL does not work on this port and shows another error: telnet: Unable to connect to remote host: Connection refused
The last i have tried is to run mysql with the skip-networking option, and it did not help as well as other attempts above. Any suggestions would be very appreciated.
This error normally means that MySQL is not running on the system or that you are using a wrong TCP/IP port number while trying to connect to the mysqld server.
Try to connect to the mysqld daemon on the local machine and check by mysqladmin variables, which TCP/IP port is configured to use mysqld (variable port).
Perhaps you are running MySQL-server with no corresponding privileges for the directory holding the socket file. In this case, either change the privilege for the directory or restart mysqld
Also this discussion might be interesting for you: http://community.office365.com/en-us/f/172/p/266451/815406.aspx
Unfortunately, i am not a pro and my advices can help not much, but that all what i found about your issue
This sounds like you are being blocked by the firewall on the server. You can disable the firewall for a quick test:
service iptables stop
service iptables start
This article will show you how to apply rules to the firewall to allow mysql access.
http://www.cyberciti.biz/tips/linux-iptables-18-allow-mysql-server-incoming-request.html
If you have SELinux, you have another set of problems which I can't help you with.
Sounds to me permission issue.
Does it run on the local machine?
If yes, then it might me possible it isn't allowed to listen any port(security purposes: mostly on a linux based server). Otherwise, Network user might not have permission granted to access mysql over internet.
As you say, if it's a website, I would never allow user access mysql directly but only the server shall: possible security breach otherwise.(you don't want your database to be dropped, do you?)
Well still, proper answer to you question resides here: http://dev.mysql.com/doc/refman/5.1/en/grant.html
and this might help:
Host 'xxx.xx.xxx.xxx' is not allowed to connect to this MySQL server
Firstly, you should verify that MySQL is actually running by checking your processlist. On linux you could do that like this, note that you should see both mysqld_safe and then mysqld as two separate processes.
sudo ps auxwww|grep -i mysqld
If it is not running, I would check the MySQL error log for clues as to why it is not starting.
If you then verify that it is running, we can check to see what ports or unix sockets it is listening on like so. If this doesn't work, get the process ID of mysqld (not mysqld_safe) and try search for that with grep instead of 'mysql'
sudo netstat -anp|grep -i mysql
You'll obviously want to restart without skip-networking to see a TCP socket appear.
Based on the output of that, you should see both a unix socket and a tcp socket. Also check the address in the fourth column for the TCP socket, it will likely say either 127.0.0.1:3306 or 0.0.0.0:3306. The former means that you can only connect via localhost (127.0.0.1) and the latter means the connection will work on any IP address.
If you've gone through all of that and are still not sure why it is working, you could post the processlist and netstat outputs for further review, along with the exact settings you are using to try and connect to MySQL and indicate whether you are connecting from the same server (i.e. locally) or from another server over the network.
See also:
http://dev.mysql.com/doc/refman/5.6/en/can-not-connect-to-server.html
Related
I've installed MySQL on a Google Cloud Virtual Machine (debian buster). What I want to do is to make this accessible publicly (using username / password obviously).
As far as I can tell the server is visible from the outside world, as I can ping the IP and I get results, and I think I've set up a user correctly and given the appropriate permissions so I can log in.
For info, my firewall settings on GCP look like this (this is just the egress, there is one exactly the same for ingress):
Which I'm assuming is correct and leaves the correct port open?
The issue I have when I use MySQL Workbench is that when I try to create a new connection, it gives me the following error:
Your connection attempt failed for user 'username' to the MySQL server at [my ip address]:3306:
Unable to connect to localhost
Please:
1 Check that MySQL is running on address [my ip address]
2 Check that MySQL is reachable on port 3306 (note: 3306 is the default, but this can be changed)
3 Check the user username has rights to connect to [my ip address] from your address (MySQL rights define what clients can connect to the server and from which machines)
4 Make sure you are both providing a password if needed and using the correct password for [my ip address] connecting from the host address you're connecting from**
Any pointers would be gratefully received.
Update: What is really confusing me is the 'Unable to connect to localhost' error. I'm not trying to connect to localhost...?
Update 2: As per comments, results of the following commands:
Note I am trying to connect using the matprichardson username. The svc2toria user is pointing to my own IP address.
Mat, If you want to use your Google Cloud Instance Database using your MySQL workbench. I suggest you connect to it through an SSH tunnel. So, this problem won't happen. I also ran into this problem several times. Connecting through SSH made the job done.
But if your need is something else, this would not help you at all. If your only purpose is managing your database from your local machine using the MySQL workbench. This will work nicely. Create a USER in your Debian VM. and open port 22 to the public. Also, make sure to have strong credentials or a better key file when connecting through SSH. This method is working for every cloud VM database. I'm using this method for G-Cloud, Azure, and AWS. After all of your work is done. Close port 22 (SSH).
My best guess will be because of number 2. "Check that MySQL is reachable on port 3306 (note: 3306 is the default, but this can be changed)".
Your Virtual Machine will have network security controls / firewall which will be blocking port 3306 by default.
I don't use Google cloud but I believe you are looking for "network details" -> "Firewall rules".
did you change your mysqld.cnf already?
bind-address = 0.0.0.0
As none of the suggestions posted worked I went for the rather more nuclear option of deleting and rebuilding my VM and setting MySQL up again from scratch. I must have done something wrong in my initial setup, as things worked without any issues at all once I’d done this.
The location of the MySQL configuration file differs depending on the distribution.
In Ubuntu and Debian the file is located at /etc/mysql/mysql.conf.d/mysqld.cnf
while in Red Hat based distributions such as CentOS, the file is located at /etc/my.cnf
Open the file with your text editor :
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Search for a line that begins with bind-address and set its value to the IP address on which a MySQL server should listen.
By default, the value is set to 127.0.0.1 (listens only in localhost).
In this example, we’ll set the MySQL server to listen on all IPv4 interfaces by changing the value to 0.0.0.0
bind-address = 0.0.0.0
# skip-networking
If there is a line containing skip-networking, delete it or comment it out by adding # at the beginning of the line.
In MySQL 8.0 and higher, the bind-address directive may not be present. In this case, add it under the [mysqld] section.
Once done, restart the MySQL service for changes to take effect. Only root or users with sudo privileges can restart services.
To restart the MySQL service on Debian or Ubuntu, type:
sudo systemctl restart mysql
On RedHat based distributions like CentOS to restart the service run:
sudo systemctl restart mysqld
For more Detail Read Here
I am currently trying to work through a guide to build an automated phone system using twilio and integrate it into MySQL database (https://www.twilio.com/blog/connect-local-database-twilio-functions). The issue I am having is that I am unable to connect to the MySQL server after tunneling with ngrok.
Here is the command I am running:
mysql --protocol=tcp --host=0.tcp.ngrok.io --port 18477 --user=root -p
When I press run, the terminal sits in idle for several minutes and then outputs:
ERROR 2003 (HY000): Can't connect to MySQL server on '0.tcp.ngrok.io' (110)
Here is a screenshot of ngrok:
I have followed the steps in https://linuxize.com/post/mysql-remote-access/ to further my knowledge on setting up remote access to mysql. At the bottom of the article, it says that this error typically means 'the port 3306 is not open, or the MySQL server is not listening on the IP address." I then followed the links provided and checked both of those. The second image looked at the listening aspect.
Upon encountering this error, I tried to do some research to see if I can track down the issue. I have zero networking experience, so I do not understand anything beyond client and server basics and such. I came across the mysql documentation (https://dev.mysql.com/doc/refman/8.0/en/can-not-connect-to-server.html).
It says, "if the server was started with skip_networking system variable, it will not accept TCP/IP connections at all." Furthermore, it goes on to say, "If the server was started with bind_address system variable set to 127.0.0.1, it will listen for TCP/IP connections only locally on loopback interface and will not accept remote connections."
I have already made the modifications that I have seen across various documentation and articles. Here are some images to show what I have set-up:
The image below is a screenshot from MySQL Workbench. My bind address is open to all and is not restricted to local connections (bind_address in etc/mysql/mysql.conf.d is commented out). Furthermore, port is set to 3306. Lastly, skip-networking is not checked so TCP/IP can occur.
To confirm that MySQL is listening on port 3306, I ran this lsof command with iTCP:3306. I believe this tells me that mysql is listening on 3306. I am not sure if USER refers to the user mysqld is running on, but if it is, I am not sure what this means in the context of root and other users.
I wish this seemed trivial, but with little networking knowledge, I can easily overlook something simple. Any additional information can be provided.
When you connect to MySql via the hostname set up by ngrok, don't use port 3306. Instead, use the port allocated for you by ngrok. In your example it's 18447.
I recently had an issue with my production systems in which a MySQL server was blocking the application server, due to connection errors, and gave the following error:
Host 'xx.xx.xx.xx' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'
I'd like to find a way to simulate this condition (or even trigger the actual condition on a non-production server), so I can respond to it properly. It's a pretty rare problem for my systems, but I'd still like to find a good way to respond to it.
You can avoid this problem by increase peer connections in mysql configurations
Logging to console/terminal with admin privileges
Flush all hosts using mysqladmin:
mysqladmin flush-hosts -u root -p
Open my.cnf (Linux) or my.ini (Windows) and change max_connect_error variable
max_connect_errors= 250000
Restart server with changes
To simulate error connection you can connect to MySQL server and then end connection before succesfull authentication. For example by netcat:
nc -i0.1 <hostname> 3306
I am trying Peewee to connect and retrieve data from a MySQL remote database, but I get the following error:
InternalError: (1130, "Host 'x.x.x.x' is not allowed to connect to this MariaDB server")
Could you help me?
"retrieve data from a MySQL remote database"
"Host is not allowed to connect to this MariaDB server"
Seem to point on a simple problem:
You're not allowed to connect on the DB from "outside".
By default, MySql / MariaDB are only listening on the "inside" of the server, from MariaDb doc :
MariaDB packages bind MariaDB to 127.0.0.1 (the loopback IP address) by default as a security measure using the bind-address configuration directive.
This mean apart for an application that run on the same machine (accessing 127.0.0.1 or localhost), you'll not be able to connect.
Solutions:
SSH tunnelling
This is probably the safest way to allow a connexion on a remote DB.
SSH is a protocol that allow you to connect to a server. It's mainly used on unix server to manage them, but can do a lot more.
How to use it in your case?
if you can connect with SSH to your DB server, then running this simple command on your notebook the will do the trick:
ssh -L 3306:localhost:3306 user#x.x.x.x
Lets explain a bit: first, your run SSH, then, you tell him to enable a port forwarding from your 3306 port to the localhost:3306 port of the server you connect through user#IP.
With this command running, every query from your local machine:3306 will by send to your MariaDB:3306 server, allowing you to use it as if you where on the server.
Allowing a remote-access user
This one is way more dangerous than the previous one. You'll need to take your time and think about every outcome it mean.
As already said, you're not allowed to connect from outside, ssh let you be "inside", but if you know what you do, you can just remove the security.
The point is:
to make an account that'll be able to login from a remote IP,
allow MariaDB to listen on external requests,
and at least, secure other account to disable remote connection.
[I'm not putting the how-to now, if you really need it, I'll update this answer]
I have a MySQL database server on a remote AWS Linux Machine. I can access this server by SSH.
However, I need to access this from my Windows computer and it's not working (using mysql -u root -p -h remoteAddress where remoteAddress in the IP address of my remote server). I also have a local MySQL server installed so mysql -u root -p -h localhost on Windows works normally.
I have read a lot on this but no solutions are working for me. The error I'm getting is:
Error 2003 (HY000): Can't connect to MySQL server on 'remoteAddress' (10060)
Now I have bind-address commented out in my my.cnf file and in addition using phpmyadmin, I can confirm that root can be accessed from anywhere (i.e. it says from %).
Even if I turn off the iptables service, I still get the same error.
Furthemore, if I type in netstat -tln | grep 3306, I get:
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
I don't care about the safety implications presently, I just want to get this working.
After reading the comments on my question I had an idea which led me to the solution. Everything on the server was set up properly except that AWS places a level of security on top of things which needs to be changed.
I simply added MySQL to the list of inbound traffic allowed in the security group settings and that solved it. I should have done this when creating the instance but didn't know that I would be using MySQL on the server at the time.
So I modified the security group to add MySQL traffic.
I know this was a really niche problem but I hope it helps someone if they find themselves in the same situation.