I have a remote Windows server with MySQL and Cygwin (enabling remote SSH connections). When I connect from a local instance of Workbench (i.e. with Workbench handling the tunnel), via SSH as root, I have no problem connecting to the remote database.
I have a need to set up my own tunnel because I have another app that needs MySQL access. I chose to use Putty, and had only partial success.
I can connect (using Workbench as a test client) through my tunnel, localhost:3307, which I have forwarded to myremoteserver.no-ip.com:3306, ONLY if I have the remote root user there set to accept connections from all hosts (%), AND/OR the actual IP of the server.
If I restrict root to 127.0.0.1 (as it should be) I get the error Host x.x.x.x is not allowed to connect to this MySQL server where x.x.x.x is the actual address of the remote server!
Somehow, using Putty to make the tunnel isn't presenting me as a local connection. But instead as a remote connection, even though the remote IP is the IP of the remote server
My Question: How can I set up putty to mimic the way Workbench successfully makes tunnel connections?
Note: All my connections to the remote IP are via a no-ip address. This works when Workbench opens the tunnel. Also my server is run within the AWS EC2 ecosystem.
My current Putty connection is to the no-ip address and tunneling settings are Source:3307, Destination: myremoteserver.no-ip.com:3306, Local and Auto.
Edit: I have also tried 127.0.0.1:3306 as the destination address in the Putty tunnel settings and got the same result.
My current Putty connection is to the no-ip address and tunneling
settings are Source:3307, Destination: myremoteserver.no-ip.com:3306,
Local and Auto.
You want to restrict the remote instance of mysql to only accept connections on the localhost interface, so your tunnel should forward to the remote host's localhost interface instead of its network interface. Change the tunnel's destination address to 127.0.0.1 instead of the server's name.
Related
I'm trying to view my remote database running on digital ocean droplet as data source in Intellij IDEA.
ssh tunnel settings
general database settings
I accessed the database from Sequel Pro through ssh so I believe it is set correctly on the server side.
When I test the connection it says: Connection refused by foreign host.
What have I done wrong?
The ip is correct and the passwords and ssh keys as well, I'm certain of that.
usually the ssh port is 22, if you haven't it customized.
If this tunnel is successful, you can connect against your database with the given port.
Check your screenshot. It shows 3306 for the ssh tunnel.
I'm trying to connect to a remote DB with MySQL Workbench over SSH. The remote DB I'm trying to connect to has firewall which is private key protected (I have coverted this to OPEN SHH). I keep getting an error when I try to connect, I'm just a little confused on what is the information of the DB I should be using. I consistently see people use localhost and the DB changed intermittadely at the same point in different questions. My set up is currently that I have to connect to the server of the firewall(check) now there are multiple VMs running I wish to connect to e.g. 192.1.91.0. I have also a port set up to this on putty( I don't know if this is relevant) on localhost 5000. When I try to connect using 192.1.91.0 port 3306 or localhost 5000. I get the same error. Can anyone help. Attached is an image of the information I put into workbench
I think there are a few misunderstandings here. A firewall is not protected by a keypair. An SSH connection is. The firewall only filters network traffic using specific rules (e.g. only let it pass for enabled network ports). When you use an SSH connection you have to use the MySQL address as seen from the remote SSH connection end. That means if the MySQL server runs on the same machine as the SSH server (which is what you connect to when you use an SSH tunnel) then the address is localhost (or the IPv4/IPv6 loopback address). See my video about connection creation and troubleshooting on Youtube for more details.
To connect workbench with a private database you will need a 'jump host' also called 'bastion host' which can be any EC2 instance in a public subne in same VPC as database.
Follow Below Steps:
Open the security group attached to the database, and add new rule as below:-
Type:MYSQL/Aurora, Protocol:TCP, PortRange:3306,
Source:securitygroupofEC2 (you can all security group by entering
'sg-')
Open the security group attached to the EC2, and make port 22 is open. If not, add a new rule as below:-
Type:SSH, Protocol:TCP, PortRange:22, Source:MY IP
Open Workbench, Click New connection
- Standard TCP/IP over SSH
- SSH Hostname : < your EC2 Public IP > #34.3.3.1
- SSH Username : < your username > #common ones are : ubuntu, ec2-user, admin
- SSH KeyFile: < attach your EC2 .pem file>
- MYSQL Hostname: <database endpoint name> #mydb.tbgvsblc6.eu-west-1.rds.amazonaws.com
- MYSQL Port: 3306
- Username : <database username>
- Password: <database password>
Click 'test connection' and boom done!!
If the MySQL Server is configured to accept remote connections, you can use the servers IP address, but then you don't need to connect over ssh. Once you choose connect over ssh, the workbench creates a portforwarding using the ssh credentials to the specified server. So you have to use localhost as MySQL hostname. Due to the portforwarding, the request will be forwarded to your remote machine. In short: As far as I understand your question, you have to use localhost.
I'm having a weird problem where I can connect to a certain database server from my local machine (and my friend can also connect to the database server from his local machine) but we can't connect to the database server from his AWS server.
What I get on the AWS server is:
"Can't connect to MySQL server on '<IP address>' ".
It's not as if the database server is only allowing connections from certain IP addresses; it didn't know about my IP address before I tried to connect.
Any idea what could be different about my AWS machine that could be making the connection not work?
Is the MySQL server inside the same network as the local machines? If so, it might explain why local machines can connect but the remote AWS can not.
By default, MySQL disables all remote connections. You can check if the remote connections are enabled. It could also be an issue with port block. MySQL uses port 3306 by default. Either MySQL or the AWS might not be configured to send data through the firewall on port 3306.
Here is a decent article explaining how to open these things up.
http://www.cyberciti.biz/tips/how-do-i-enable-remote-access-to-mysql-database-server.html
I ma following this tutorial on how to connect to a remote MySQL server, however It seems the command doesn't work and often results in Operation timed out when trying to connect to the server:
ssh mysql.xxxxx.com
I can connect directly from my hosting account but not through the Shell on my Mac OS.
There may be a firewall or other network security device in place that prevents you from being able to connect from your Mac. Also, it is possible that the MySQL server is not configured to allow inbound network connections.
You might ask your hosting provider if they filter access to the MySQL port (default is 3306), or if your host is pre-configured with a firewall, and you might check your MySQL configuration file to ensure it is listening for inbound connections.
When you ssh into a remote server, and you do not specify a user name, ssh defaults to your current user.
bobs-macbook-pro:~ bob$ ssh server.acme.com
is the same as:
bobs-macbook-pro:~ bob$ ssh bob#server.acme.com
Try using your username when 'sshing' into the remote mysql machine.
There are two ways to specify your username, either one should work.
1. bobs-macbook-pro:~ bob$ ssh bob#server.acme.com
2. bobs-macbook-pro:~ bob$ ssh server.acme.com -l bob
I'd like to connect to MySQL (deamon is running on my VPS) via HeidiSQL. I've created new user, commented bind-adress option and when I try to connect with it via HeidiSQL, I've got an error 2003: Can't connect to MySQL server on 'xxx.xxx.xxx.xxx' (10061).
What should I do?
It could be a number of factors.
See if a firewall is blocking your traffic to the other host
Can you simply ping the host from the client machine?
Can you also open a simple telnet session to the host on port 3306 ?
(If the telnet is accepted, you will probably see some characters appear and you will remain in the telnet session for a few seconds before the connection is closed. If not accepted, you will see the message Connection refused.)
There's a simple checklist for this:
Is your MySQL server bound to "localhost" only? It might be listening for connections only on 127.0.0.1 or ::1 instead of any which is usually 0.0.0.0. Try connecting on your server to your server with mysql --host=host_ip where host_ip is your network IP address. I think the default is localhost-only.
Is port 3306 firewalled? Many distributions allow only SSH by default, so you may need to open this up to your client machine. Try not to open this up to everyone on the internet as having an open MySQL port is asking for trouble. It's always best to limit access to a set of specific IPs if possible.
Can you connect via an SSH tunnel instead? This is far more secure as it means your 3306 port is properly firewalled. There are many tools for creating SSH tunnels, but the basic principle is to forward a local port of your choosing to the remote server's port 3306.