Related
MySql is installed on a Ubuntu server.
I am running Windows 8.
Logging in through Putty. I can log in to database with both root and webadmin user accounts.
I can also log in through my browser, using <server ip address>/phpmyadmin
My problem is when I try to use command line to log in. I am trying that approach because I am developing a webpage to access the database on that server. It fails to connect, so I thought if command line works, the webpage will also work.
commandline:
mysql -u webadmin -p
or
mysql -u root -p
error 1045 (28000): access denied for user 'webadmin'#'localhost'
(using password: yes)
I added an iptables entry to allow mysql and that didn't work.
Also, the firewall on server is inactive.
You need to grant access to the database. You can read the documentation here: https://dev.mysql.com/doc/refman/5.1/en/grant.html
You can run the following (but be careful as it will leave your DB open)
GRANT ALL ON *.* TO 'root'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
That will allow root to connect from any IP and do any operations to the DB. If that still doesn't work, you might also need to run the following before the 2 lines above
CREATE USER 'root'#'%' IDENTIFIED BY PASSWORD '[your password]';
I am trying to configure my server to allow remote connections.
From what I understand I need to uncomment bind-address 127.0.0.1 in the my.cnf file, then restart mysql.
That hasn't worked.
I have also tried changing it to bind-address 0.0.0.0.
That hasn't worked either.
When I try to remotely connect using SQLpro, I get the following error:
MySQL said: Can't connect to MySQL server on '54.444.33.4' (4)
Can anybody offer any other solutions?
Thanks.
First of all; to be able to remotely access your database remotely from another computer etc. You have to give an IP which is either Private or Public and do configurations according to that. In this case, I'll tell you how to do it in LAN :
Do a full fresh installation of MySQL with below commands :
sudo apt-get update
sudo apt-get mysql-server
sudo mysql_install_db
sudo mysql_secure_installation
At the last command, determine a password and press "ENTER" to all other questions it asks during installation to make them default settings.
Go and open terminal and type the command below :
ifconfig
You'll see the Private IP that the router gives you from here, should be something like ex : 192.168.1.10
After you acquire the IP, open the /etc/mysql/mysql.cnf file and change the bind adress to the IP you've acquired, in this case :
bind-address= 192.168.1.10
Restart the server via,
sudo service mysql restart
After this case, I'll give you some tips for Security. Never allow your root user remotely accessible, that is just unsecure. Type the below commands to make another admin user access the Server from anywhere :
mysql -u root -p
(It will ask you password of mysql root user, type it in and get into mysql line)
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
CREATE USER 'username'#'IP ADDRESS' IDENTIFIED BY 'password';
I usually give SELECT, UPDATE, DELETE, INSERT to a remote user, but you can give all privileges as well, I'll give you commands for both :
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
GRANT SELECT,INSERT,DELETE,UPDATE ON *.* TO 'username'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
FLUSH PRIVILEGES;
exit;
After all these, restart the service once more and you can connect to your MYSQL Server from any computer connected to the network. Cheers!
I'm having trouble opening a up my MYSQL server to ALL remote connections. I have followed many online guides and appear to have something wrong. Perhaps SO could provide guidance? My server details are as follows:
Ubuntu 12.04 Server,
MYSQL Ver 14.14 Distrib 5.5.34, for debian-linux-gnu (x86_64) using readline 6.2
/etc/mysql/my.cnf: Other stuff too, but importantly the bind-address...
bind-address = 0.0.0.0
my.conf has the following permissions:
-rw-r--r-- 1 root root 3516 Jan 31 17:12 my.cnf
The server isn't blocked because:
telnet myDomain.com 3306
prompts for my native mysql password.
MYSQL Queries
CREATE USER 'myUser'#'%' IDENTIFIED BY 'myPASSWORD';
GRANT INSERT
ON db.table_v
TO 'myUser'#'%'
IDENTIFIED BY 'myPASSWORD';
FLUSH PRIVILEGES;
Permissions from show grants for 'myUser'#'%';
GRANT USAGE ON . TO 'myUser'#'%' IDENTIFIED BY PASSWORD '****************'
GRANT INSERT ON db.table_v TO 'myUser'#'%'
I also restarted my server
PROBLEM:
mysql -h myDomain.com -u myUser -p
Enter password:
ERROR 1045 (28000): Access denied for user 'myDomain'#'***MYIPADDRESS***' (using password: YES)
I am also not able to login locally with any user where the host is not specifically local, such as '%' or my home IP.
this is interesting if not typo:
Access denied for user 'myDomain'
are you trying to use your domain name as username? there should be myUser instead of myDomain cause you give remote permissions to myUser only.
also in:
mysql -h myDomain.com -u myUser -p
-h means the host where mysql server resides, not your user's current host. so trying anything other then "localhost" when you're locally trying to connect the database surely gives error cause you are trying to connect a database you are not intend to. suppose you are connected to mysql server locally and typed the above line; this command will try to connect the server at myDomain.com with the user myUser and password you provide. if the permissions you defined are where you run this command, you'll get that access denied error cause you are connecting to a different server.
I think the problem is the location of the .cnf file where you specify the bind-address attribute.
Most guides and tutorials say the file is /etc/mysql/my.cnf but after many tries I realized that the correct place was in mysqld.cnf file under mysqld profile.
Try to include the bind-address attribute there.
To check if this worked for you type "netstat -lt" and find if the local address of mysql process is 0.0.0.0:3306.
Then check again yor connection
You need also create local user account
CREATE USER 'myUser'#'localhost' IDENTIFIED BY 'myPASSWORD';
MySQL Manual | Adding users
I don't advise usage such unsecure statements as
GRANT ALL ON *.* TO 'myuser'#'%';
It creates superuser e.g. grants privileges to all databases for all operations.
May I ask why you need direct access to MySQL? MySQL should really only listen to localhost, but you can access easily using SSH.
If using Windows, Putty allows you to establish an SSH connection to the host, and then forward 3306 localhost traffic to your own computer.
Better still, programs like SQLyog allow SSH tunnel connections to MySQL which is how I usually connect (unless the servers are on a VPN).
Are you using this server for development or does it have a public IP address?
please post the result of
nmap ***MYIPADDRESS***
and
nmap localhost
and
nmap MyDomain
if you do not have nmap install it from apt, then I can help you more.
I've just installed xampp, and am using command line to write mySQL.
I am using 'root' with no password and can connect to mysql but cannot CREATE DATABASE as I get the error 1044 access denied for user '' # 'localhost'. I am logged in as -uroot.
I have privileges in phpMyadmin to do what I want, but, in command line I seem to have no write privileges. I've looked at all the other related posts on this topic but to no avail. I cannot GRANT privileges as I have none anyway.
Are you logging into MySQL as root? You have to explicitly grant privileges to your "regular" MySQL user account while logged in as MySQL root.
First set up a root account for your MySQL database.
In the terminal type:
mysqladmin -u root password 'password'
To log into MySQL, use this:
mysql -u root -p
To set the privileges manually start the server with the skip-grant-tables option, open mysql client and manually update the mysql.user table and/or the mysql.db tables. This can be a tedious task though so if what you need is an account with all privs I would do the following.
Start the server with the skip-grant-tables option
Start mysql client (without a username/password)
Issue the command
flush privileges;
which forces the grant tables to be loaded.
Create a new account with the GRANT command something like this (but replacing username and password with whatever you want to use.
GRANT ALL on *.* to 'username'#'localhost' identified by 'password';
Restart the server in normal mode (without skip-grant-tables) and log in with your newly created account.
Refer this MySQL docs.
navigate do C:\xampp\mysql\bin\ and make sure the file mysql.exe is in that folder.
mysql -uroot -p
if dont have a password just press enter.
the prompt changes to
mysql>
do your mysql commands
By default there is no password is set for root user in XAMPP.
You can set password for root user of MySQL.
Navigate to
localhost:80/security/index.php
and set password for root user.
Note:Please change the port number in above url if your Apache in on different port.
Open XAMPP control panel Click "Shell" button
Command prompt window will open now in that window type
mysql -u root -p;
It will ask for password type the password which you have set for root user.
There you go ur logged in as root user :D Now do what u want to do :P
Gain access to a MariaDB 10 database server
After stopping the database server, the next step is to gain access to the server through a backdoor by starting the database server and skipping networking and permission tables. This can be done by running the commands below.
sudo mysqld_safe --skip-grant-tables --skip-networking &
Reset MariaDB root Password
Now that the database server is started in safe mode, run the commands below to logon as root without password prompt. To do that, run the commands below
sudo mysql -u root
Then run the commands below to use the mysql database.
use mysql;
Finally, run the commands below to reset the root password.
update user set password=PASSWORD("new_password_here") where User='root';
Replace new_password _here with the new password you want to create for the root account, then press Enter.
After that, run the commands below to update the permissions and save your changes to disk.
flush privileges;
Exit (CTRL + D) and you’re done.
Next start MariaDB normally and test the new password you just created.
sudo systemctl stop mariadb.service
sudo systemctl start mariadb.service
Logon to the database by running the commands below.
sudo mysql -u root -p
source: https://websiteforstudents.com/reset-mariadb-root-password-ubuntu-17-04-17-10/
I had the same issue, and it turned out to be that MariaDB was set to allow only root to log in locally via the unix_socket plug-in, so clearing that setting allowed successfully logging in with the user specified on the command line, provided a correct password is entered, of course.
See this answer on Ask Ubuntu
I re-installed the ODBC connector msi and re-installed mySQL directly (aside from xampp) and it now works. It was a connector problem I think, as SHOW DATABASES wasn't actually showing my databases at all.
My 'root' login wasn't getting access to the DB, which made it seem like it had limited priviliges but it actually wasn't connected properly.
Server file only change name folder
etc/mysql
rename
mysql-
this might help on Ubuntu:
go to /etc/mysql/my.cnf and comment this line:
bind-address = 127.0.0.1
Hope this helps someone, I've been searching for this a while too
Cheers
You mustn't have a space character between -u and the username:
mysql -uroot -p
# or
mysql --user=root --password
I am aware of this command:
GRANT ALL PRIVILEGES
ON database.*
TO 'user'#'yourremotehost'
IDENTIFIED BY 'newpassword';
But then it only allows me to grant a particular IP address to access this remote MySQL database. What if I want it so that any remote host can access this MySQL database? How do I do that? Basically I am making this database public so everyone can access it.
TO 'user'#'%'
% is a wildcard - you can also do '%.domain.example' or '%.123.123.123' and things like that if you need.
Enable Remote Access (Grant)
Home / Tutorials / Mysql / Enable Remote Access (Grant)
If you try to connect to your mysql server from remote machine, and run into error like below, this article is for you.
ERROR 1130 (HY000): Host ‘1.2.3.4’ is not allowed to connect to this
MySQL server
Change mysql config
Start with editing mysql config file
vim /etc/mysql/my.cnf
Comment out following lines.
#bind-address = 127.0.0.1
#skip-networking
If you do not find skip-networking line, add it and comment out it.
Restart mysql server.
~ /etc/init.d/mysql restart
Change GRANT privilege
You may be surprised to see even after above change you are not getting remote access or getting access but not able to all databases.
By default, mysql username and password you are using is allowed to access mysql-server locally. So need to update privilege. (if you want to create a separate user for that purpose, you can use CREATE USER 'USERNAME'#'localhost' IDENTIFIED BY 'PASSWORD';)
Run a command like below to access from all machines. (Replace USERNAME and PASSWORD by your credentials.)
mysql> GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'%' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
Run a command like below to give access from specific IP. (Replace USERNAME and PASSWORD by your credentials.)
mysql> GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'#'1.2.3.4' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION;
You can replace 1.2.3.4 with your IP. You can run above command many times to GRANT access from multiple IPs.
You can also specify a separate USERNAME & PASSWORD for remote access.
You can check final outcome by:
SELECT * from information_schema.user_privileges where grantee like "'USERNAME'%";
Finally, you may also need to run:
mysql> FLUSH PRIVILEGES;
Test Connection
From terminal/command-line:
mysql -h HOST -u USERNAME -pPASSWORD
If you get a mysql shell, don’t forget to run show databases; to check if you have right privileges from remote machines.
Bonus-Tip: Revoke Access
If you accidentally grant access to a user, then better have revoking option handy.
Following will revoke all options for USERNAME from all machines:
mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'USERNAME'#'%';
Following will revoke all options for USERNAME from particular IP:
mysql> REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'USERNAME'#'1.2.3.4';
Its better to check information_schema.user_privileges table after running REVOKE command.
If you see USAGE privilege after running REVOKE command, its fine. It is as good as no privilege at all. I am not sure if it can be revoked.
To be able to connect with your user from any IP address, do the following:
Allow mysql server to accept remote connections. For this open mysqld.conf file:
sudo gedit /etc/mysql/mysql.conf.d/mysqld.cnf
Search for the line starting with "bind-address" and set it's value to 0.0.0.0
bind-address = 0.0.0.0
and finally save the file.
Note: If you’re running MySQL 8+, the bind-address directive will not be in the mysqld.cnf file by default. In this case, add the directive to the bottom of the file /etc/mysql/mysql.conf.d/mysqld.cnf.
Now restart the mysql server, either with systemd or use the older service command. This depends on your operating system:
sudo systemctl restart mysql # for ubuntu
sudo systemctl restart mysqld.service # for debian
Finally, mysql server is now able to accept remote connections.
Now we need to create a user and grant it permission, so we can be able to login with this user remotely.
Connect to MySQL database as root, or any other user with root privilege.
mysql -u root -p
now create desired user in both localhost and '%' wildcard and grant permissions on all DB's as such .
CREATE USER 'myuser'#'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypass';
Then,
GRANT ALL ON *.* TO 'myuser'#'localhost';
GRANT ALL ON *.* TO 'myuser'#'%';
And finally don't forget to flush privileges
FLUSH PRIVILEGES;
Note: If you’ve configured a firewall on your database server, you will also need to open port 3306 MySQL’s default port to allow traffic to MySQL.
Hope this helps ;)
Assuming that the above step is completed and MySql port 3306 is free to be accessed remotely; Don't forget to bind the public ip address in the mysql config file.
For example on my ubuntu server:
#nano /etc/mysql/my.cnf
In the file, search for the [mysqld] section block and add the new bind address, in this example it is 192.168.0.116. It would look something like this
......
.....
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address = 127.0.0.1
bind-address = 192.168.0.116
.....
......
you can remove th localhost(127.0.0.1) binding if you choose, but then you have to specifically give an IP address to access the server on the local machine.
Then the last step is to restart the MySql server
(on ubuntu)
stop mysql
start mysql
or #/etc/init.d/mysql restart for other systems
Now the MySQL database can be accessed remotely by:
mysql -u username -h 192.168.0.116 -p
Config file changes are required to enable connections via localhost.
To connect through remote IPs, Login as a "root" user and run the below queries in mysql.
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'localhost' WITH GRANT OPTION;
CREATE USER 'username'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
This will create a new user that is accessible on localhost as well as from remote IPs.
Also comment the below line from your my.cnf file located in /etc/mysql/my.cnf
bind-address = 127.0.0.1
Restart your mysql using
sudo service mysql restart
Now you should be able to connect remotely to your mysql.
For anyone who fumbled with this, here is how I got to grant the privileges, hope it helps someone
GRANT ALL ON yourdatabasename.* TO root#'%' IDENTIFIED BY
'yourRootPassword';
As noted % is a wildcard and this will allow any IP address to connect to your database. The assumption I make here is when you connect you'll have a user named root (which is the default though). Feed in the root password and you are good to go. Note that I have no single quotes (') around the user root.
Use this command:
GRANT ALL ON yourdatabasename.* TO root#'%' IDENTIFIED BY 'yourRootPassword';
Then:
FLUSH PRIVILEGES;
Then comment out the below line in file "/etc/mysql/mysql.conf.d/mysqld.cnf" (is required!):
bind-address = 127.0.0.1
Works for me!
Run the following:
$ mysql -u root -p
mysql> GRANT ALL ON *.* to root#'ipaddress' IDENTIFIED BY 'mysql root password';
mysql> FLUSH PRIVILEGES;
mysql> exit
Then attempt a connection from the IP address you specified:
mysql -h address-of-remove-server -u root -p
You should be able to connect.
You can slove the problem of MariaDB via this command:
Note:
GRANT ALL ON *.* to root#'%' IDENTIFIED BY 'mysql root password';
% is a wildcard. In this case, it refers to all IP addresses.
To remotely access database Mysql server 8:
CREATE USER 'root'#'%' IDENTIFIED BY 'Pswword#123';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
GRANT ALL PRIVILEGES ON *.* TO 'user'#'ipadress'
START MYSQL using admin user
mysql -u admin-user -p (ENTER PASSWORD ON PROMPT)
Create a new user:
CREATE USER 'newuser'#'%' IDENTIFIED BY 'password'; (% -> anyhost)
Grant Privileges:
GRANT SELECT,DELETE,INSERT,UPDATE ON db_name.* TO 'newuser'#'%';
FLUSH PRIVILEGES;
If you are running EC2 instance don't forget to add the inbound rules in security group with MYSQL/Aurura.
Edit File:
/etc/mysql/percona-server.cnf
Append below code in file.
[mysqld]
bind-address = 0.0.0.0
Create user for remote access.
$ mysql -u root -p
mysql> GRANT ALL ON *.* to snippetbucketdotcom#'%' IDENTIFIED BY 'tejastank';
mysql> FLUSH PRIVILEGES;
mysql> exit
All linux server works,
For MSWin c:\ Find insatallation location \ file path
Just create the user to some database like
GRANT ALL PRIVILEGES ON <database_name>.* TO '<username>'#'%' IDENTIFIED BY '<password>'
Then go to
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf and change the line bind-address = 127.0.0.1 to bind-address = 0.0.0.0
After that you may connect to that database from any IP.
Open your mysql console and execute the following command (enter your database name,username and password):
GRANT ALL ON yourdatabasename.* TO admin#'%' IDENTIFIED BY
'yourRootPassword';
Then Execute:
FLUSH PRIVILEGES;
Open command line and open the file /etc/mysql/mysql.conf.d/mysqld.cnf using any editor with root privileges.
For example:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Then comment out the below line:
bind-address = 127.0.0.1
Restart mysql to reflect the changes using command:
sudo service mysql restart
Enjoy ;)
You need to change the mysql config file:
Start with editing mysql config file
vim /etc/mysql/my.cnf
add:
bind-address = 0.0.0.0
what worked for on Ubuntu is granting all privileges to the user:
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'yourpassword' WITH GRANT OPTION;
and setting the bind address in /etc/mysql/mysql.conf.d/mysqld.cnf:
bind-address = 0.0.0.0
then restarting the mysql daemon:
service mysql restart
Go to this directory "/etc/mysql/mysql.conf.d" then
edit this file " mysqld.cnf"
$nano mysqld.cnf
bind-address = 127.0.0.1
mysqlx-bind-address = 127.0.0.1
edit to
bind-address = 0.0.0.0
mysqlx-bind-address = 0.0.0.0
In website panels like cPanel you may add a single % (percentage sign) in allowed hostnames to access your MySQL database.
By adding a single % you can access your database from any IP or website even from desktop applications.
For example in my CentOS
sudo gedit /etc/mysql/my.cnf
comment out the following lines
#bind-address = 127.0.0.1
then
sudo service mysqld restart
If you want to grant remote access of your database from any IP address, run the mysql command and after that run the following command.
GRANT ALL PRIVILEGES ON *.*
TO 'root'#'%'
IDENTIFIED BY 'password'
WITH GRANT OPTION;
I see there are many answers, but they are quite long ones except for the accepted answer, which is quite short and lacks explanation. As I can't edit it, I am adding my answer. Adit asked about:
making this database public so everyone can access it
GRANT ALL PRIVILEGES
ON database.*
TO 'username'#'remote_host'
IDENTIFIED BY 'password';
Above code grants permissions for a user from a given remote host, you can allow a user to connect from any remote host to MySQL by changing TO 'username'#'yourremotehost' to TO 'username'#'%'.
So, the corrected query for granting permissions to a user to connect from any remote host is:
GRANT ALL PRIVILEGES
ON database.*
TO 'username'#'%'
IDENTIFIED BY 'password';
You can disable all security by editing /etc/my.cnf:
skip-grant-tables