I'm currently trying to setup a remote connection to a mysql database. I've done this before, and wrote down some steps to follow for next time, but I can't seem to get this one working. Here's the process I've taken so far.
For the purposes of this question, we'll say that my DB is at ip 100.100.100.100 and the remote host I'm trying to connect from is 100.100.100.200.
Ubuntu Server using Mac OSX terminal:
MySQL is installed, and I've logged in as the root
I've edited my /etc/mysql/my.cnf file to look like this
bind-address = 100.100.100.100
there is no --skip-networking field in my file
Restart mysql
create a new user and grant privileges
CREATE USER 'user1'#100.100.100.200
GRANT ALL ON . to 'user1'
then I update the iptables
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
after all this is finished, I log out of mysql, and try to connect from the remote server with the new user
while on ip 100.100.100.200
mysql -h100.100.100.100 -uuser1
and I get this error message
ERROR 2003 (HY000): Can't connect to MySQL server on '100.100.100.100' (110)
is there something I've missed in the process, or could it be something with the servers firewall? I've been scouring the internet for hours trying to figure this out, so the next step was to ask a question. Thanks in advance for any help you can give!
Man that was a pain.
The problem was in the iptables. I simply restarted the server and re-ran the iptable command.
Restarting the server clears all the iptable rules unless they have been explicitly saved.
Here's the resource I used to find out more about iptables.
https://www.digitalocean.com/community/articles/how-to-set-up-a-firewall-using-ip-tables-on-ubuntu-12-04
sudo reboot - restart the server
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT - add rule to iptables
Not sure what was going wrong, but after a restart and a reinsert of the rule, everything worked like a charm.
Related
Problem:
Using mysql -u -h -p I can connect with localhost but cannot connect with external IP
I check connection for both localhost and external IP where MySQL is installed
What I have set up:
user with host as % (accepts everything)
granted user with host as % (all privileges)
flushed privileges
restarted mysql
checked tablesip and ufw
Any help would be appreciated :) 3 days and counting.
Comment the bind address 127.0.0.1 in mysql configuration file on your remote server.
Generally the file is located at /etc/mysql/my.cnf
on ubuntu system.
EDIT: Restart MySql after done.
Success! Oh my gosh.. there we're two bind address I had to comment out!!
So what I did:
netstat -l Checks to see what IP MySQL is listening to
Checked my.cnf and other linked cnf files
Commented out second bind-address
Done!
I have just created one instance on Amazon EC2 for CentOs, and installed mysql on it with root user (password is blank). Then I had created another user for me to connect this instance from remote pc (my local pc). for that I had run following command on terminal one by one.
CREATE USER 'demouser'#'%' IDENTIFIED BY 'demopassword';
GRANT ALL PRIVILEGES ON *.* to 'demouser'#'%';
FLUSH PRIVILEGES;
Then I wrote following line in /etc/my.cnf under [mysqld] section
bind-address=0.0.0.0
Then restarted mysql with following command
sudo /sbin/service mysqld restart
Still, It is not allowed to connect that instance from my local pc. I don't understand what is the problem? I had checked and confirmed that rules on Amazon Security Groups are set properly. (e.g. port 3306 & 22 set to 0.0.0.0 ip address, means any ip address can connect using both ports).
Can someone saw me the mistake of mine?
Slowed
I ran following command to update ipaddress in centos terminal;
sudo iptables -I INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
and It's getting connected... !!!!
This seems like a duplicate post, but I have checked all the solutions posted in relevant posts and none of them worked for me. So allow me to state the problem more accurately.
I have a server, where MySQL is installed. I have a user X with password P.
If I connect to the server (ssh or something) and try to run MySQL locally (mysql --user=X --password==P) it logs in perfectly, and I have access to everything:
mysql> show grants;
...
+------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'X'#'%' IDENTIFIED BY |
|PASSWORD 'somehash' WITH GRANT OPTION |
+------------------------------------------------------+
Now if I go to the config file: (sudo vim /etc/mysql/my.cnf) I see the following:
bind-address = 0.0.0.0
port = 3306
Then I go to hosts allow file (sudo vim /etc/hosts.allow) I see:
mysqld: ALL
Then I go to hosts allow file (sudo vim /etc/hosts.deny): the file is empty (except for some comments).
Still, when I try to connect with MySQL workbench I have the problem.
Here is how I do it. I go to add a new connection, I add the URL, username, pass, and port, and I click test connection and I get the message that is the title of this question. I tried with a random (non-existent) user pass combination and still I get the same response.
I tried commenting out bind-address too BTW. Also the server is generally accessible for other services like PostgreSQL and such.
not a solution to your server firewall issue but a workaround, as you are able to ssh into your database server:
You can try ssh remote port forwarding from your mysql server to your local machine, and then connect the mysql client to the local port. I use this method whenever I'm behind a firewall. As a bonus, data transmitted over this connection is also very secure.
For example, if you ssh'ed into the remote machine using
ssh hal#remote.machine.com -i ~/.ssh/hal.key
Then you could set up the port forwarding like this:
ssh -L 54321:127.0.0.1:3306 hal#remote.machine.com -i ~/.ssh/hal.key -f -N -M -S ~/.ssh/tunnel_54321_remote_machine_mysql
Then you can connect to the database as if you were connecting to the database locally (using the commanline mysql client as example):
mysql -h 127.0.0.1 -P 54321 -u my_user -p my_database
This should then prompt for your password.
To close the tunnel:
ssh -S ~/.ssh/tunnel_54321_remote_machine_mysql hal#remote.machine.com -i ~/.ssh/hal.key
I first learned about this method from the postgres docs.
This is more than likely a firewall issue.
Easiest way to debug that at first, is to try telnet to the server on port 3306 both locally, and from remote. MySQL will send the version string in plaintext that you can see inside telnet if you are being correctly connected.
If you do not get that string, then something such as a firewall is likely blocking the connection.
I just installed MySQL 5.5.27 on WinXP. When I open a command prompt (Start -> Run, and type "cmd"), I can access MySQL by running "mysql -u root -p". However, when I open a Cygwin terminal and try the same thing, I get this error
$ mysql -u root -p
Enter password:
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysql.sock' (2)
Indeed, there is no "/var/run/mysql.sock" file.
If you specify the host on the command line, this issue should go away:
mysql -u root -p -h 127.0.0.1
You can also create a my.ini that mysql will use:
echo [client] >c:\my.ini
echo user=root >>c:\my.ini
echo host=127.0.0.1 >>c:\my.ini
Then you can just type:
mysql -p
You can even add the password:
echo password="abracadabra" >>c:\my.ini
Then, just type:
mysql
and you're in!
See also https://serverfault.com/questions/337818/how-to-force-mysql-to-connect-by-tcp-instead-of-a-unix-socket
Try adding this to your command:
-h 127.0.0.1
The problem is that the mysql client default host is localhost, and it treats localhost specially, using a unix socket, which is accessed via that file, but your server may not be configured to listen on the unix socket.
However, if you access the same server via the loopback IP 127.0.0.1 it will use a TCP socket instead of the unix socket and (assuming the server is online) it should work.
Just to save few keystorkes,
Add following alias to your ~/.bashrc file.
alias mysql='mysql -u root -h 127.0.0.1'
After adding this, You can just type "mysql" in your terminal & there you go right inside mysql.
As most of people mentioned here - one of the solutions will be to use aliases. Don't like them to be honest because they are preventing me learning some really nice Linux commands :) It's just a joke. But the best way for you, as I think, will be to locate a ~/.bashrc file located in your home directory and put there:
alias mysql="mysql -h 127.0.0.1"
Don't forget that you have to restart your session in order for this solution to work or you may type bash command at the same terminal session - it will reload all your bash settings. Good luck!
P.S. I suggest you to close all other terminal windows before editing .bashrc because you may just got a read-only file. I had such issue under Win7x64
I successfully installed MySQL in Cygwin on my PC according to Rafael Hart. I created a database and performed some queries and everything worked great.
The next day when I tried logging into MySQL, I got the error:
ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysql.sock' (111 "Connection refused")
Apparently, when you shutdown your PC, the services also get shutdown and do not restart on boot.
To fix the problem, I typed the following command to restart the mysqld service:
$ mysqld_safe &
Then everything started working.
Here's how to run MYSQL from cygwin
Go here:
https://cygwin.rafaelhart.com/setting-up-mysql-on-cygwin/
To begin MySQL setup run the following:
mysql_install_db
Run mysql - you'll get a firewall alert from windows if you have it active.
mysqld_safe & Immediately following that, it would be wise to run the following:
mysql_secure_installation
I've just downloaded MySQL Workbench.
But I don't quite understand how to syn this with the databases on my remote server.
Work bench asks for "hostname" so I provided the hostname of my remote server. I designate port 3306.
I then provide a username. This is the username I use when I log into PhpAdmin -- should I be using a different one?
Then I provide a password, again the same one I use for PhpAdmin.
But this doesn't work.
Oddly, the error always tells me my user name is: username#current_network_im_using_to_access_the_internet
But this doesn't seem right -- on phpAdmin my user name says username#localhost.
I'm not quite sure what to do.
Can you help me?
MySQL treats logins as specific to the host they originate from. You can have a different password from your home machine than the one you use on the server itself, and you can have entirely different sets of permissions granted to the same username from different origin hosts.
On PHPMyadmin, the database is running on the same server as the web server, and therefore refers to itself as localhost, with IP 127.0.0.1. Your machine on which Workbench is installed must access MySQL with different credentials than your username#localhost. The server requires you to grant access to your username from any host you intend to connect from.
In PhpMyAdmin, you will need to grant access to your database from the remote host: (See also Pekka's answer for how to allow connections from any host)
GRANT ALL PRIVILEGES on dbname.* TO yourusername#your_remote_hostname IDENTIFIED BY 'yourpassword';
To see all the grants you currently have on localhost so that you can duplicate them for the remote host:
SHOW GRANTS FOR yourusername#localhost;
Additionally, the MySQL server needs to be setup to accept remote connections in the first place. This isn't always the case, especially on web hosting platforms. In the my.cnf file, the skip-networking line has to be removed or commented out. If there is no skip-networking line, you must comment out the line:
bind-address = 127.0.0.1
...then restart MySQL.
Your phpMyAdmin seems to run on the same server as the database itself.
Therefore, it can use username#localhost to connect to the server.
You would need to make mySQL accept connections from outside localhost by adding another user username#% (% meaning "any host").
Note however that this is not good practice - if you have a static IP, consider limiting access to that one address.
If you are planning to use MySQL workbench for managing MySQL databases and tables in a remote server, I am recommending connect over SSH. by following many articles and forums I tried many other ways by adding bind-address, adding a new user to MySql with uname#host with all privileges, etc. but in my case, all those steps were wasting of time, those steps will be useful if your server is so strict.
Follow the steps below.
Click on the + button beside the MySql connections Title to add a new connection.
Enter Connection Name(Whatever you need).
Select connection method Standard TCP/IP over SSH.
Enter the SSH details like Host(IP/Domain), Username, and Password. (SSH using Password Authorisation should be enabled in server)
MySQL host details like Hostname(By Default localhost or 127.0.0.1), port(3306), MySQL username and password.
Then click on test connection.
To get connected to MySQL Workbench installed on Windows 10, I found the above post written by Shihab and edited by Dharman useful to get connected instantly. But, here are the things that I did to connect via TCP/IP which was also useful for me to connect to MySQL via my code:
Step 1:Changing the bind address in MyMySQL
On the Ubuntu machine (where my MySQL Community Server is installed) using Putty, I changed the mysqld.cnf file with the command "sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf". Using arrow keys, I scrolled down to the row with "bind-address" and I changed it from "127.0.0.1" to "0.0.0.0". I used ctrl+x to close and entered "Y" to save the file.
Step 2: Restart the MySQL Server
You have to restart the MySQL server. To do that, you can restart using the command "sudo service mysql restart". If you are unable to restart, kill MySQL Process. First find the Process ID of MySQL using "ps ax | grep mysql" then kill the process using "sudo kill [process_id]"
Step 3:Changing the Firewall Settings of Ubuntu
To allow outside connections, you should change the settings of the firewall. I used UFW (Uncomplicated FireWall) to change the settings. Start the UFW if it is not yet enabled using the command "sudo ufw enable". Check the status using "sudo ufw status". Now, enable connections to the MySql port 3306 (default) from a particular IP address using the command "sudo ufw allow from [ip_address] to any port 3306" or you can allow all connections to the port from any IP address is your IP address keeps changing using the command "sudo ufw allow mysql"
Step 4: Creating a user in MySQL
I created a user in MySQL to avoid logging in using the root using the command "CREATE USER 'user_name'#'your_IP_Address' IDENTIFIED BY 'password';
Step 5: Connect via the MySQL workbench
Click Database
Click Connect to Database
In the Connection Method field, select "Standard TCP/IP"
In the Hostname, enter your server IP address
In the Server Port, leave as it is "3306" unless you have changed the port of MySql in your server
In the Username, enter your server user name
In the Password, enter your server password
Click Ok
Step 6: If you are still not able to connect
On your server, disable the firewall and check if you are able to connect
If you are able to connect, reset the firewall with the command "sudo ufw reset" (Make sure you take a copy or screenshot of all the connections in the firewall. You can get all the ports with the command "sudo ufw status"). If you are unable to connect go to step 9.
Now allow each and every port that was earlier present with the command "sudo ufw allow 80", "sudo ufw allow mysql", etc.
Disable and enable the firewall using the commands "sudo ufw disable" and "sudo ufw enable" respectively.
Check if you are able to connect via the workbench
If you are still not able to connect, just restart the server using the command "sudo reboot"
Once the reboot is complete, you should be able to connect to the MySQL server.
If you are still not able to connect, use something like nmap software to check for all the open ports and see if you can see 3306. If you can't see the port, you have to debug what is stopping the firewall from blocking your MySQL connections.
Check your MySQL privileges with the command "show grants for 'user_name'#'localhost';". If you are able to see the grants, that means your IP address is not allowed. Try to update the grants with your IP address with the following command "GRANT ALL PRIVILEGES ON database.* TO 'user'#'yourremotehost' IDENTIFIED BY 'newpassword';" or GRANT ALL PRIVILEGES ON database.* TO 'user'#'yourremotehost' IDENTIFIED BY 'newpassword'; (To allow connections from everywhere)
If the above steps don't work and still you want to connect via a quick hack
Premium Hack Step: Logging in using MySQL Workbench via SSH
Click Database
Click Connect to Database
In the Connection Method field, select "Standard TCP/IP over SSH"
In the SSH Hostname, enter your server IP address
In the SSH Username, enter your server user name
In the SSH Password, enter your server password
In the SSH Key file, don't do anything
In the MySQL Hostname, leave it as it is "127.0.0.1"
In the Server Port, leave as it is "3306" unless you have changed the port of MySQL in your server
In the Username, enter your MySQL username that you created in the previous step
In the Password, enter your MySQL password that you created in the previous step
Click Ok
Now, you should be able to enter your MySQL Workbench
Other useful commands:
To check if MySQL is running: systemctl status mysql
Entering MySQL: sudo mysql -u [username] -p (Default username is root and password is nothing (just press enter key))
To check the status of ufw: sudo ufw status
To check the ufw status numbered for deleting a port access: sudo ufw status numbered
To delete a ufw port access: sudo ufw delete [number_of_the_port_to_be_deleted_from_previous_command]
To start MySQL service: sudo service mysql start
To update all packages: sudo apt update
To uninstall MySQL: sudo apt-get remove mysql*
To install MySQL
Step 1: sudo apt update
Step 2: sudo apt install mysql-server
Step 3: sudo systemctl start mysql.service
Step 4 (if something is broken during installation): sudo apt --fix-broken install