We Keep Coding

MYSQL refuses remote connection with error "ERROR 2003 (HY000)" and TCP error 111

I have installed MySQL 8.0.25 on Ubuntu 20.04 LTS (ARM) instance on AWS.
I can access it using 127.0.0.1 address locally, but can't access it remotely from another instance.
"Bind-address" was commented out originally, I uncommented it and changed to "0.0.0.0" (mysql service was restarted) - didn't help, so I commented it back.
"Skip-networking" is not in the cnf file.
I changed the port to 3307 just to be sure that I'm looking at the right cnf, and now MYSQL does listen to port 3307:
locally I can connect using port 3307, but not remotely:
Here are the iptables:
I know that firewall works well, because if I remove port 3307 from the rules, the error is different:
As you can see, TCP error 111 ("Connection Refused") became error 113 ("No Route to Host").
Telnet connection is refused with the same error:
I've rebooted the MySQL instance - no change.
Why would MYSQL refuse remote connection, if "bind-address" is commented out, and firewall is open?

#stdunbar's comment pointed me in the right direction.
The problem happened because I followed the MYSQL installation instructions at https://www.digitalocean.com/community/tutorials/how-to-install-mysql-on-ubuntu-20-04 , and ran the security script while configuring MYSQL:
sudo mysql_secure_installation
For some reason, this script causes MYSQL to ignore the bind-address setting in the cnf file, while it still uses the port setting - very confusing!
When I installed MYSQL without running the security script, the "local address" of the MYSQL daemon in the netstat -lnp | grep mysql command changed from 127.0.0.1:
to 0:0:0:0 :
After this, MYSQL started to accept remote connections.
Of course, I still had to create a remote user:
CREATE USER 'root'#'remotehostname' IDENTIFIED WITH caching_sha2_password BY 'newpassword';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'remotehostname' WITH GRANT OPTION;

Unable to Access MySql 8.0 Database from Remote Windows Server

I have Installed MySql 8.0 Version in a windows
server and able to connect via WorkBench/MySql shell locally.
I would like to access MySql from a remote windows server.
Here are the things I have tried.
1) Created root#% user and Grant full access to the new user.
2) Created a new user as test#'remoteserveripaddress' and Grant full access to the user.
3) Opened port 3306 on Both Remote and MySql server.
4) Added "bind_address=*" in my.ini file and restarted the MySQL80 Service.
I am running out of options.
Error: I am getting below error
Failed to connect MySql at UserName#hostipaddress:3306
SSL connection error: error:00000000:lib(0):func(0):reason(0)
No matter how many different ways I try.
Not sure what am I doing wrong ??

Try to execute below command in your terminal :
mysql -h server -P 3306 -u root -p
If you successfully connect to your database, the same thing has to happen with Mysql Workbench.
If you are unable to connect then I think 3306 port is acquired by another process.
Find which process running on 3306 port. If required, give admin privileges using sudo.
netstat -lnp | grep 3306
Kill/stop that process and restart your MySQL server. You are good to go.
Execute the below command to find my.cnf file.
mysql --help | grep cnf
You can change MySQL port to any available port in your system. But after that, make sure you restart MySQL server.

Connecting to MySQL db

When I attempt to connect from Windows 7 using 32bit and 64bit mysql-connector-odbc-5.3.2 and the connectionstring:
Provider=MSDASQL;Driver={MySQL ODBC 5.3 Driver};Server=192.168.1.13;Port=3306;Database=mydb;Uid=root;Pwd=****;
I get
[Microsoft][ODBC Driver Manager] Data source name not found and no default driver specified
Likewise with version 5.2.6. After downgrading the provider to 5.1 I get:
[MySQL][ODBC 5.1 Driver]Can't connect to MySQL server on '192.168.1.13' (10060)
which is more encouraging as it has at least recognised the provider.
I have tried adding a firewall rule to allow outbound connections to port 3306. I've tried disabling my local firewall. I have checked that the server is listening on port 3306 and verified the IP address. (tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN) I have further verified that I can access the server and that MySQL is running.
When I attempted to connect using the IP address from an ssh terminal to the server itself:
mysql -u root -h 192.168.1.13 -D whiskeywheel -p
I am prompted for the password after which I get:
ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.1.13' (111)
I have added the host/user to the user table in the mysql database and restarted MySQL. I've granted 'ALL' on the database to the user at anyhost ('%') and I've explicitly added access to port 3306 to the ubuntu firewall:
iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
I will of course restrict access prior to deployment but I need to be able to interact with the database in a meaningful form while I'm developing it. I'm happy to re install any of the various components and start again as this is early enough in the project but ideally I'd like to know what I've misconfigured or where I went wrong.

mysql server by default only bind to the loopback address on the sever (127.0.0.1). you have to edit the my.cnf file of the server and do a restart of the mysql server.
also note that specifying localhost is treated special by mysql server. it does not call 127.0.0.1 as one would expects.
more info here on how to bind to your external ipaddress:
http://www.cyberciti.biz/faq/unix-linux-mysqld-server-bind-to-more-than-one-ip-address/

Connecting to MySQL from Workbench

MySQL remote access
I have a mysql database, running on Ubuntu Server 12.04 that I need to access remotely. For some reason this is become much more of a chore than I think it should be.
I have been through countless threads trying to resolve this issue with no luck what so ever. I do not have another linux box to test my connection. I am only using the MySQL Workbench from a Window 7 machine.
Here is what I have done so far:
set the iptables to accept
set the my.cnf to have the bind address of the server
created a user for both localhost and %
grant all to those users
restarted mysql
verified the user has all priv
verified mysql is listening on 3306
give the correct setting to Workbench and I get
"Your connection attempt failed for user 'USER' from your host to server at x.x.x.x:3306:
Can't connect to MySQL server on 'x.x.x.x' (10061)"
EDIT: I did notice that it show 'localhost and NOT the ipaddress when I run this cmd, but i'm not sure how to change that, or if it is even the issue. Thoughts?
# lsof -i -P | grep :3306
mysqld 5775 mysql 10u IPv4 154265 0t0 TCP localhost:3306 (LISTEN)

vim /etc/mysql/my.cnf
Change the following line to reflect as below:
(bind-address = 127.0.0.1)
bind-address = 0.0.0.0
Close the file then and restart mysql
To verify that mysql port 3306 is listening on all interfaces:
netstat -lnt | grep 3306
You should see this:
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN

Find mysql config file (/etc/mysql/)
comment out the following line by putting a hash character in front of it as shown -> #bind-address = 127.0.0.1
-> Restart the server: sudo service mysql restart

why is mySQL connecting at any/all ports

I'm running Linux Mint and trying to connect to mySQL this way
mysql --port=3306 -u root -p
Then it prompts me for my password. This is all fine. Why is it that when I type something like this it still works....
mysql --port=1234 -u root -p
Should that not fail since there is no mySQL server running on port 1234?
The reason I am asking this is because I want to create a SSH tunnel to connect to a database on another server. Let's say the SSH tunnel will forward all my traffic from localhost:3308 to myremoteserver:3306. Since my local mySQL server is accepting my connections on all ports, I cannot actually connect to port 3308 and hit the remote server. I am still hitting my local server....
Even if my SSH tunnel options might have been wrong, I was wondering if anyone knew why I can connect to port 1234 and it still hit my local mySQL server running on 3306?

IIRC mysql connects you to a Unix socket if you are connecting to localhost. Since it does not connect you via TCP in this case, there is no port involved and the port number you give does not matter.
Edit: Not sure if this is true on all systems, but If I use 127.0.0.1 or the hostname instead of localhost, mysql connects via TCP and the port number does matter - I can connect with the correct port number only.

To force a TCP connection use --protocol=TCP.
Example:
First the SSH tunnel
ssh -L 4000:localhost:3306 server.ch
and then connect to the remote mysql server with
mysql -h localhost --port=4000 --protocol=TCP -u root -p

It will ask you for your password before it tries to connect. If you enter your password (or anything else for that matter), and let it proceed, it will respond with something like:
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/opt/local/var/run/mysql5/mysqld.sock'

#titanoboa, thx for this! I was having the same issue. Just to add you can actually force TCP connection even for localhost using the following
[client]
port = 3306
socket = /var/run/mysqld/mysqld.sock
protocol = TCP
Cheers