I'm trying to connect to a remote host, dev, from my webserver. When I do this command from the webserve composer.domain.com: mysql -u username -ppassword -h dev.domain.com, I get an error after authenticating that says access denied for username#sports.domain.com.
sports.domain.com IS a valid vhost on the webserver, but it's one of 14, and it's not the primary host, nor the one the IP resolves to via DNS.
Any idea where I should look to figure out why MySQL thinks I'm coming from sports.domain.com instead of the expected composer.domain.com?
During creating the mysql user, it should be specified the host where the user is allowed to connect. By default it is localhost. Try to add other user account on the database server try the following:
CREATE USER 'username'#'%'
IDENTIFIED BY PASSWORD 'password';
OR
CREATE USER 'username'#'sports.domain.com'
IDENTIFIED BY PASSWORD 'password';
% - it means that all clients are allowed to connect using user account.
Related
I'm trying to establish a connection to a MySQL server on a remote host. Both machines are running RH 7.5 and MySQL 5.7.
I can connect to the server as a root user. I did that, and used it to set up a secondary user like this:
CREATE USER 'foo'#'client-ip-address' identified by 'my-password';
and then
GRANT ALL PRIVILEGES ON my-db.* to 'foo'#'client-ip-addres';
That all went fine. But to my surprise, when I tried to connect using this new user, I got an error I wasn't used to:
$ mysql -u foo -h server-ip-address -pmy-password my-db
Access denied for user 'foo'#'some-hostname-not-an-ip.com' (using password: YES)
I know the IP address of the client (where I'm connecting from), which is why I set up the user with that value in the "host" column on the server. But the client is obviously trying to establish a connection using a value for "host" that is not the IP address. Instead it's some hostname, and not an IP address at all.
Where is this value coming from? How does mysql determine its own host when it tries to connect to a remote server? In the past I've only ever seen it use the machine's own IP address.
As you can see, there is no privileges tab, and I can't a create new database
Usually this is because you're not actually logged in as the user you think you are, but as the anonymous user instead. Double check your username and password, and make sure the host field is matching for the account you're trying to log in to. For example, if you're able to connect through the command line client which connects over sockets, your host is 'localhost' but if phpMyAdmin is using the TCP connection type, your host will be 127.0.0.1 instead; these aren't the same to the MySQL permissions system. If you changed the root password for root#localhost but not root#127.0.0.1 it won't match the new password in this case.
I have a mysql database running on a VPS. I can ssh into the host and connect to mysql with no problems. I cannot connect to mysql remotely from my desktop. I have performed the following:
opened port 3306 on the firewall
added my local IP to the remote IPs accepted by mysql. This was done via CPanel
executed
GRANT ALL ON dbname.* TO username#'x.x.x.x' IDENTIFIED BY 'PASSWORD'
to tell mysql to let me connect from the specified address.
I execute the following from the command line on my desktop:
mysql -h x.x.x.x -u username -p
I get a password prompt which indicates I am past the firewall and mysql is responding. When I supply the password, it denies access:
ERROR 1045 (28000): Access denied for user 'username'#'x.x.x.x' (using password: YES)
Have I missed something?
The answer was given in the comments, so I will repeat it here to properly close the thread. alvits suspected that the remote user had not been created. It had been created but his comment prompted me to clean up the user table.
I deleted all remote users including loads that had been created by CPanel or migrated from another host. I then started from scratch doing create user and grant all and it works now.
Thanks!
I have the current setup:
SVR01:
Ubuntu Trusty, with Xen
VM01:
IP: 192.168.0.10
Ubuntu Trusty, with Apache2 + php modules
VM02:
IP: 192.168.0.11
Ubuntu Trusty, with mysql server
When I try connecting from VM01 (The apache server) to mysql on VM02, I get the "Access Denied for 'NewUser'#'192.168.0.10' (Using password: YES)" error.
I created the user using:
CREATE USER 'NewUser'#'192.168.0.10' IDENTIFIED BY 'password';
GRANT EXECUTE ON mydb.* TO 'NewUSer'#'192.168.0.10';
But, it will work if I create the user using the host wildcard:
CREATE USER 'NewUser'#'%' IDENTIFIED BY 'password';
GRANT EXECUTE ON mydb.* TO 'NewUSer'#'%';
Does anyone know why it won't work when I specify the host ip?
PS. I get the error when trying to connect either through the Mysql client, or through the PHP PDO.
Follow up questions:
Does the grant seem to work if you create a user with a 192.168.0.% wildcard host mask?
Run select user, host, password from mysql.user where user='NewUser' to ensure there's not another user#host you weren't aware of that might be getting picked up?
Does the Access denied messages in your error logs confirm the failed connection attempts are in fact coming from the IP you think it is? Some weirdness like this might pop up if you have multiple routes setup in a system that has multiple network interfaces or perhaps some VPN routes in the mix.
When attempting connections to VM02 are you using a literal IP address or a hostname? If the later are you sure this is resolving to the IP you think it is from VM01 (you can verify using ping or just the host command from the command line)
Run "show variables like 'init_connect';" on the root account you were creating the users with. If that value is not blank you will want to ensure the accounts of permissions required to execute whatever that value does hold.
I have a created user in my MySQL database:
CREATE USER 'user'#'host' IDENTIFIED BY 'password';
I have granted that user full privileges:
GRANT ALL ON *.* to 'user'#'host';
Echoing the grant:
GRANT ALL PRIVILEGES ON *.* TO 'user'#'host' IDENTIFIED BY PASSWORD '*03FFC888F82E921D8CA360925A8F443CF326DE89'
I can connect from MySQL workbench using this login credential w/o any issues and execute queries. And it's running on the same machine the web application is running on. MySQL instance is running on another computer in the same local network.
However, when I try to use the same credentials from my web application running in Tomcat7 under Eclipse I receive the error. Please advise.
Note: As of last night, the web application was able to connect just fine. With nothing changing (that I am aware of - I am only one working on this), this morning I could not connect.
RESOLVED:
I added the user with grants using the IP address for the host for the local machine.
I am not sure what changed on the server, but now I am able to connect again.
Would someone possibly be able to explain this change, and with it why I am now required to use the IP address when previously the local host name was sufficient?
Make sure you are using the appropriate hostname, and you're accessing from that host, the user can't connect from another host.
To give permission you must put the password unencrypted.
Example
GRANT ALL PRIVILEGES ON test. * TO 'root' # 'localhost'
IDENTIFIED BY 'goodsecret';
Also must be the same password when you create the user.
Here How adding users to MySQL
Note: For more information on GRANT here is the documentation.
Hope this helps