I have an account with a Java PaaS (CloudBees) that hosts their platform off of Amazon EC2 instances. My account comes with access to a MySQL server instance and I am getting a bizarre error that only occurs when I try to log into the MySQL server from a client on my linux (Ubuntu 12.04 desktop) machine, but not my Windows 7 machine.
Here is a screenshot of the error when I try to log in with MySQL Workbench on my Ubuntu machine:
It's important to note that I have another MySQL client (Squirrel SQL) installed on this machine, that throw the same exact error when I try to log in to my dl_web account. Squirrel SQL is a pure Java application, and I have tried to check that MySQL Workbench and Squirrel SQL do not share any common dependencies and couldn't find any (but I could be wrong).
However, when I try to log in with a MySQL Workbench instance living on my Windows 7 machine, I can log in just fine.
Given the list of 4 things to check from that error message:
Yes, of course MySQL server is running on the EC2 instance; otherwise CloudBees would be out of business and I wouldn't be able to log in from my Windows 7 machine.
3306 is the correct port - I verified this with CloudBees support staff.
Not sure about this one - perhaps the MySQL server instance is somehow configured to refuse connections from linux clients?!?!
The password I'm using is correct - I have checked and re-checked and re-re-checked.
So the only 2 theories I have so far are:
The MySQL server instance is somehow configured to refuse connections from Linux clients (is this even possible?); or
The MySQL Workbench and Squirrel SQL instances on my Ubuntu machine are sharing some common dependency that is buggy or misconfigured; this is the more likely of the two scenarios, but I have been unsuccessful pegging down what this dependency is...
Also - note the exact error message that I get from both MySQL Workbench and Squirrel SQL:
Access denied for user 'dl_web'#'%' to database...
My user is dl_web...not 'dl_web'#'%'!!! Bizarre, right?!
Any ideas? Thanks in advance!
You appear to be in a hosted environment within AWS where you do not have access to root or to view grants on tables, but this may help someone else and show a few steps.
first, if I go into sqlyog (or toad or mysql workbench) and try to connect to AWS mysql, i get the following error:
http://img836.imageshack.us/img836/4594/out1.GIF
so the issue is root#pool-72-93-207-216.bstnma.fios.verizon.net
so i get into mysql at root (yes I know you might not be able to do this !)..
and I perform the following
mysql> use test;
mysql> grant all privileges on test.* to 'root'#'pool-72-93-207-216.bstnma.fios.verizon.net' identified by 'mypassword123z';
mysql> select user,host from mysql.user;
+------------------+--------------------------------------------+
| user | host |
+------------------+--------------------------------------------+
| foo_user | % |
| root | 127.0.0.1 |
| foo_user | 72.93.207.216 |
| foo_user2 | 72.93.207.216 |
| root | ::1 |
| | domU-12-31-38-04-B2-89 |
| root | domU-12-31-38-04-B2-89 |
| | localhost |
| debian-sys-maint | localhost |
| phpmyadmin | localhost |
| root | localhost |
| root | pool-72-93-207-216.bstnma.fios.verizon.net |
+------------------+--------------------------------------------+
mysql> SHOW GRANTS FOR 'root'#'localhost';
+----------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root#localhost |
+----------------------------------------------------------------------------------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'#'localhost' IDENTIFIED BY PASSWORD '*4F4504C8CA8D22648E58B5092F653457698A9EBE' WITH GRANT OPTION |
| GRANT PROXY ON ''#'' TO 'root'#'localhost' WITH GRANT OPTION |
+----------------------------------------------------------------------------------------------------------------------------------------+
mysql> show grants for 'root'#'pool-72-93-207-216.bstnma.fios.verizon.net';
+----------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for root#pool-72-93-207-216.bstnma.fios.verizon.net |
+----------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'root'#'pool-72-93-207-216.bstnma.fios.verizon.net' IDENTIFIED BY PASSWORD '*CACE4BB4D0A5D265BA7FCBEED600DC8976884A43' |
| GRANT ALL PRIVILEGES ON `test`.* TO 'root'#'pool-72-93-207-216.bstnma.fios.verizon.net' |
+----------------------------------------------------------------------------------------------------------------------------------------------+
then I go back to sqlyog (or toad or mysql workbench) and log in with root and password mypassword123z and I am in.
in addition you can create an secure SSH proxy tunnel thru port 22 and your AWS pem file, using like Putty.
Related
I have a Laravel project working fine on my local machine, but unable to connect to database on another Linux server.
The error I get is:
SQLSTATE[HY000] [1045] Access denied for user 'cpanel1_thewatcher'#'localhost' (using password: YES)
These are the settings I am using:
DB_CONNECTION=mysql
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE=dbnamehere
DB_USERNAME=cpanel1_thewatcher
DB_PASSWORD=passwordhere
I have checked to make sure cpanel1_thewatcher has ALL PRIVILEGES on this database and that the password is correct.
This is on a VPS, where I have root access, and it has two IPs dedicated to it. The main IP we will call xxx.xxx.xx.165 and the second one xxx.xxx.xx.166. If I change the settings above to set DB_HOST to xxx.xxx.xx.166 I get a different error:
SQLSTATE[HY000] [1130] Host 'xxx.xxx.xx.166' is not allowed to connect to this MariaDB server
If I set DB_HOST to xxx.xxx.xx.165 then I get yet another error:
SQLSTATE[HY000] [1045] Access denied for user 'cpanel1_thewatcher'#'server1.domain.com'
If I set DB_HOST to domain.com (the main domain on the server) I get the same error I get with DB_HOST=xxx.xxx.xx.166.
I have examined the mysql.user table on the server and found the following:
+-------------------+----------------------+
| User | Host |
+-------------------+----------------------+
| root | 127.0.0.1 |
| cpanel1 | xxx.xxx.xx.165 |
| cpanel1_thewatcher | xxx.xxx.xx.165 |
| root | ::1 |
| cpanel1 | localhost |
| cpanel1_thewatcher | localhost |
| nagios | localhost |
| root | localhost |
| cpanel1 | server1.domain.com |
| cpanel1_thewatcher | server1.domain.com |
| root | server1.domain.com |
+-------------------+----------------------+
where cpanel1 is the username of the only cPanel account on the server.
I have tried creating an entry in the table above where user is cpanel1_thewatcher and host is % but no effect. I have also tried setting DB_USERNAME to just thewatcher but nothing changes in the error messages.
I have seen some questions on SO referring to the second error message I listed, but I have been unable to find a MariaDB configuration file anywhere on my server as suggested by some answers there.
Doing GRANT ALL PRIVILEGES ON dbnamehere.* TO 'cpanel1_thewatcher'#'localhost'; gives
Query OK, 0 rows affected (0.00 sec)
Can anyone tell me what to do, I am confused with the 2 IPs and 3 different error messages here, and not sure what else to try. I'd like to eliminate any issues on my end before I resort to contacting the hosting company and waiting for a week for them to resolve it.
You need to follow this steps in order to connect to your remote database:
In your database server, run the following command in your mariadb console:
CREATE USER 'cpanel1_thewatcher'#'xxx.xxx.xx.166';
Followed by:
GRANT ALL PRIVILEGES ON dbnamehere.* TO 'cpanel1_thewatcher'#'xxx.xxx.xx.166';
FLUSH PRIVILEGES;
Where xxx.xxx.xx.166 is the ip of the machine you are trying to connect (where your laravel project lives)
I run rails on my local dev environment but the mysql instance is on a separate server.
When trying to open a page in the app I get this error:
Access denied for user 'username'#'myhostname.lan' (using password: YES)
When I ssh into the server running mysql and run this command SELECT Host from mysql.user WHERE User='username'; I get the following:
+---------------------+
| Host |
+---------------------+
| % |
| myhostname.lan |
| localhost |
+---------------------+
All of these entries were created with GRANT ALL PRIVIELEGES ON dbname.* TO ...
So why can I not connect given that both the any-host wildcard % is in the list as well as the hostname I try to connect from specifically?
Despite having same usernames these users are different for mysql.
Check that the password is set on all user entries and is what you expect it to be.
You can compare authentication_strings in mysql.user.
I'm using the -h option, specifying that I want to connect to MySQL Server via a specific host/interface, but MySQL is telling me this, which apparently doesn't make so much sense
root#ilg40:/# mysql -h 127.0.0.1 -u root -proot
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1698 (28000): Access denied for user 'root'#'localhost'
OBS.: I have created a access for root via 127.0.0.1 (FLUSH PRIVILEGES() was already performed.
root#ilg40:/# mysql -e "SELECT User,Host,authentication_string FROM mysql.user;"
+-----------+-----------+-------------------------------------------+
| User | Host | authentication_string |
+-----------+-----------+-------------------------------------------+
| root | localhost | |
| mysql.sys | localhost | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |
| root | 127.0.0.1 | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
+-----------+-----------+-------------------------------------------+
Have you guys any idea about what's going on?
I can't find where is my failure :(..
P.S: I'm using Debian Jessy + MySQL 5.7.12
root#ilg40:/# cat /etc/debian_version
8.4
root#ilg40:/# mysql -e "SELECT VERSION();"
+-----------+
| VERSION() |
+-----------+
| 5.7.12 |
+-----------+
Acoording to MySQL official doc:
"The server performs host name resolution using the thread-safe
gethostbyaddr_r() and gethostbyname_r() calls if the operating system
supports them.
Otherwise, the thread performing the lookup locks a mutex
and calls gethostbyaddr() and gethostbyname() instead.
In this case, no other thread can resolve host names that are not in the host
cache until the thread holding the mutex lock releases it."
The solution I found was: dropping the user 'root'#'localhost' from MySQL.
DROP USER 'root'#'localhost';
I tried to modify the /etc/hosts, but no good. There's something else around the way that MySQL performs these two syscalls, which maps 127.0.0.1 to localhost, independently if you the address mapped in a different way in /etc/hosts.
WARNING: be sure to have at least another user with admin powers on MySQL, using 127.0.0.1 for connection, or else, you may loose access and/or admin powers over MySQL.
I have a Linux VM running Ubuntu 14.04 LTS Server. I have installed MySQL 5.6.26 on it and have added a user by issuing the following commands from the terminal window:
CREATE USER 'sas'#'%' IDENTIFIED BY 'some-password-1234';
GRANT ALL PRIVILEGES ON *.* TO 'sas'#'%' IDENTIFIED BY 'some-password-1234' WITH GRANT OPTION;
FLUSH PRIVILEGES;
I can log into mysql with this user with this command:
mysql -u sas -p
and can see this user listed in mysql.users table by issuing this command:
mysql> select host, user from mysql.user;
which results to the following output:
+-----------+------------------+
| host | user |
+-----------+------------------+
| % | sas |
| 127.0.0.1 | root |
| ::1 | root |
| localhost | debian-sys-maint |
| localhost | root |
| ubuntu | root |
+-----------+------------------+
However, when I try to setup a connection in MySQL Workbench from a Windows box using the credentials of user "sas", I get
"Can't connect to MySQLServer on 10.166.7.16".
This is not a network issue since running tcpdump on the Linux box shows the initiated connection from the Windows box.
What should I be looking out for?
On Debian and Ubuntu, mysqld binds to the lo interface only by default. Go through MySQL's configs and look for a directive that reads bind-address. Change its value to 0.0.0.0 if necessary, restart mysqld and try again.
I have been searching all over this and other forums but I've hit a wall. I had a working MySQL installation but I think when I tried to restore a couple schema's recently I think I more than I expected perhaps.
So here is my issue:
I could no longer access the DB from any of my apps. They are getting access denied. When I researched i found their accounts are gone (hence the above comment about "more than I expected".
I typically use MySQL Workbench but couldn't access the DB either from my client PC (linux Kubuntu). So I went to the host command line...
I can log in at the command line with root#localhost. Note, mysql is running in a FreeBSD jail on FreeNas. I originally had a password but saw some different options for resetting the password might help including removing it. So that's why it's now empty.
When I try to execute the following
grant all privileges on *.* to 'root'#'localhost' identified by 'PASSWORD' with grant option;`
I get the following error
ERROR 1045 (28000): Access denied for user 'root'#'localhost' (using password: NO)
I have checked via the user table permissions granted...everything appears like I should be able to do this.
`+-----------+------------+-------------------------------------------+-----------+------------+
| host | user | password | Grant_priv | Super_priv |
+-----------+------------+-------------------------------------------+-----------+------------+
| localhost | root | | Y | Y |
| 127.0.0.1 | root | *E3FCFF11BABD5D85A4D6F6A30AF940F8333E2495 | Y | Y |
| % | root | *E3FCFF11BABD5D85A4D6F6A30AF940F8333E2495 | Y | Y |
+-----------+------------+-------------------------------------------+------------+------------+`
I've done select User(); and select current_user(); to confirm who I am.
I've restarted in --skip-grant-tables to try and 'reset permissions'.
At this point I'm lost on what else to try. Any thoughts or suggestions are appreciated.
Ok - figured out my issue. This link was helpful.
https://dba.stackexchange.com/questions/16397/cannot-grant-privileges-as-root
I found my user table was inline with a 5.1 version of MySQL vs. the 5.5. I was running. I had run mysql_upgrade before and this time I had to rerun with mysql_upgrade --force. This resolved the permission issues.