Problem using Perl to connect to MySQL database on remote server - mysql

I have a Perl script that gets data from a MySQL database on one server (let's call it server1), does stuff with it and writes it out to another database on another server (server2). Both servers are remote to the server that runs the Perl script.
I can connect to the DB on server1 OK, but when I try to connect to the DB on server2, using the same DBI method, I get an error. Here, as command-line Perl, is the bit that's causing the error:
perl -MDBI -e 'DBI->connect("DBI:mysql:myDB:server2.whatever.co.uk","myuser","mypassword") or die DBI->errstr;'
And here's the error message:
DBI connect('myDB:server2.whatever.co.uk','myuser',...) failed: Client does not support authentication protocol requested by server; consider upgrading MySQL client at -e line 1
Client does not support authentication protocol requested by server; consider upgrading MySQL client at -e line 1.
I do not have root access so I can't upgrade MySQL and I can't change the password to use the old password hashing algorithm, which is the solution suggested in lots of places.
Ideas anyone?

The database may be set up to accept connections only from within a certain set of addresses, as a security measure. So if you're trying to access a prod database from a home laptop (for example), it may reject you, even if you have the proper credentials. Try accessing it from a place where it's known to work using another technology -- for example, if you have a website that accesses it already, go to wherever apache/tomcat is running, and try the perl there. If it works, that's the issue. You can also proactively check on the database settings.

OK, in the absence of an alternative, I got someone with root access to server2 to do the fix that's published elsewhere:
Connect to MySQL as the MySQL root user, then:
mysql> use mysql;
mysql> SET PASSWORD FOR 'username'#'hostname' = OLD_PASSWORD('password');
mysql> FLUSH PRIVILEGES;
Replacing 'username', 'hostname' and 'password' with appropriate values.
So what I'm saying here is, it seems like if you don't have root access to upgrade MySQL or to change the password to use the old password hashing algorithm, then the only solution is to find someone who does who can make the change for you.

Related

Mysql remote connections

I've an application on windows forms that needs to connect to a remote server with a static ip, however I already installed mysql on the server, provided the next command
GRANT ALL PRIVILEGES ON *.* TO 'root'#'%' IDENTIFIED BY 'password' WITH GRANT OPTION; FLUSH PRIVILEGES;
and also put an exception in Windows Firewall, but I'm still unable to connect, I don't know if there is something else to do!, I forgot to say it is a Windows Server 2012 R2
This is not the issue with previliges of user. This is about connection rights. LIke mostly on CPanel we have an option of Remote MySQL. Under this option we either have to provide ip address which we want to allow to connect to mysql or wild card mask % to allow any ip to connect to the server. Check with your hosting how it allows you to connnect. yes these previliges are necessary thay you have given. that is ok but check Remote MySQl if you have cPanel.
Thanks
Check your logs and trap your errors.
Confirm your app can reach the sql port and connect. (From the windows machine, can you telnet to the sql port on the sql server?) If not, look at your firewall, and verify your sql instance is bound to a public ip as Bernd suggests.
Once you know the host can reach the sql server, verify your app is actually connecting. Trap errors from connect functions and read them out.
Then verify the credentials are accepted. Again, trap any errors and read them out in your program.
Then, when you're processing a sql statement, trap any errors and read them out to yourself in your program.
(You may find it useful to write a log file from your program containing any errors you detect on any line of code interacting with your database)
Once you've narrowed down where your issue actually is, a solution will probably present itself. Or at least you'll have narrowed it down, and can update us with a specific error message from where the failure has occured.
Good luck!

Host is not allowed to connect to this MySQL server for client-server application

I just exported my tables from one web host to another (AWS).
Thinking everything would go smoothly (yeah right), well, everything that can go wrong has gone wrong.
I get this error when trying to query my database (which I didn't get before):
SQLSTATE[HY000] [1130] Host '<my ip address>' is not allowed to connect to this MySQL server
This is the same error from this post:
Host 'xxx.xx.xxx.xxx' is not allowed to connect to this MySQL server
The solution in that post seems to revolve around having an administrative user. I am developing a chat application so every user needs to access the server (so I'm sure it's a bad idea to give them all administrative privileges).
The answer by Pascal in that link says, If you are using mysql for a client/server application, prefer a subnet address. but I honestly don't understand what he means by that. And because of the amount of solutions, I'm not exactly sure which one I should follow based on my case.
How do I resolve this?
MySQL has security tables that determine who is allowed to connect and from what host IP address.
Here's a good article on how to do it:
http://www.cyberciti.biz/tips/how-do-i-enable-remote-access-to-mysql-database-server.html
If you have a lot of connections, consider setting up a server to accept the connections and talk to the sql server. The easiest approach to this is to set up a REST interface and use a web server. Web servers are usually also highly optimized and relatively bug free.
In a similar architecture on AWS, I use nginx happily.
Make sure you have bind-address=YOUR-SERVER-IP in my.cnf and make sure you have a user hd1#172.31.39.86 or hd1#%, the latter being a MySQL wildcard on the MySQL server. More information here. You may also need to grant access to port 3306 (the default MySQL port) on the security groups section of the AWS console.
// IN YOUR MYSQL WORKBENCH You Have to Execute below query
CREATE USER 'root'#'1.2.1.5(Your Application Server IP)' IDENTIFIED BY 'pass';
GRANT ALL PRIVILEGES ON *.* TO 'root'#'10.200.1.54' WITH GRANT OPTION;
AFTER CREATING YOU CAN VIEW USING BELOW QUERY
SELECT * FROM mysql.user WHERE User = 'root';

mysql on ec2 amazon instance attempting to login with incorrect user

I've set up a very basic LAMP setup on an ec2 server, all good it seems to work.
However i've seen for some queries a failure to connect to the mysql server with the following error:
[07-Jul-2013 20:15:41 Australia/Sydney] PHP Warning: mysql_real_escape_string(): Access denied for user 'ec2-user'#'localhost' (using password: NO) in /var/www/html/mycobber/class/sql/SqlQuery.class.php on line 40
[07-Jul-2013 20:15:41 Australia/Sydney] PHP Warning: mysql_real_escape_string(): A link to the server could not be established in /var/www/html/xxx/xxxx/sql/SqlQuery.class.php on line 40
the thing i dont' understand is the fact that in no location in my mysql connection configuration does it specify the user ec2-user. this is the default user when I log onto the unix server. I've set up a separate account to actually run all my processes, i dont' even use the es2-user.
I've looked online and can't see anything to explain this. does anyone have an idea what's going on here. it's not all the time
Your can't call mysql_real_escape_string without having opened a connection with mysql_connect first.
Quoting from the documentation:
A MySQL connection is required before using mysql_real_escape_string() otherwise an error of level E_WARNING is generated, and FALSE is returned.
The error message refers to your default username # localhost because you haven't opened a connection with specific credentials yet - it doesn't know what account details to use.

Connecting to MySQL 4.1 from PHP5.3.13 command line interface [duplicate]

I'm trying to connect to a mySQL database at http://bluesql.net, but when I try to connect, it gives this error:
Connect Error (2000) mysqlnd cannot connect to MySQL 4.1+ using old authentication
I've looked into this, and it has to do with some old password scheme used before MySQL 4.1. Newer versions have the option to use old passwords, which I've read may cause this problem.
I'm running php 5.3, and connecting with mySQLi (new mysqli(...)). I'm hoping I can do something in the code to connect to the DB at bluesql.net - clearly I don't control how their database is set up. Downgrading php versions isn't an option.
Anyone have any ideas?
edit: This only applies if you are in control of the MySQL server... if you're not take a look at Mysql password hashing method old vs new
First check with the SQL query
SHOW VARIABLES LIKE 'old_passwords'
(in the MySQL command line client, HeidiSQL or whatever front end you like) whether the server is set to use the old password schema by default. If this returns old_passwords,Off you just happen to have old password entries in the user table. The MySQL server will use the old authentication routine for these accounts. You can simply set a new password for the account and the new routine will be used.
You can check which routine will be used by taking a look at the mysql.user table (with an account that has access to that table)
SELECT `User`, `Host`, Length(`Password`) FROM mysql.user
This will return 16 for accounts with old passwords and 41 for accounts with new passwords (and 0 for accounts with no password at all, you might want to take care of those as well).
Either use the user management tools of the MySQL front end (if there are any) or
SET PASSWORD FOR 'User'#'Host'=PASSWORD('yourpassword');
FLUSH Privileges;
(replace User and Host with the values you got from the previous query.) Then check the length of the password again. It should be 41 now and your client (e.g. mysqlnd) should be able to connect to the server.
see also the MySQL documentation:
* http://dev.mysql.com/doc/refman/5.0/en/old-client.html
* http://dev.mysql.com/doc/refman/5.0/en/password-hashing.html
* http://dev.mysql.com/doc/refman/5.0/en/set-password.html
If you do not have control of the server
I just had this issue, and was able to work around it.
First, connect to the MySQL database with an older client that doesn't mind old_passwords. Connect using the user that your script will be using.
Run these queries:
SET SESSION old_passwords=FALSE;
SET PASSWORD = PASSWORD('[your password]');
In your PHP script, change your mysql_connect function to include the client flag 1:
define('CLIENT_LONG_PASSWORD', 1);
mysql_connect('[your server]', '[your username]', '[your password]', false, CLIENT_LONG_PASSWORD);
This allowed me to connect successfully.
Edit: as per Garland Pope's comment, it may not be necessary to set CLIENT_LONG_PASSWORD manually any more in your PHP code as of PHP 5.4!
Edit: courtesy of Antonio Bonifati, a PHP script to run the queries for you:
<?php const DB = [ 'host' => '...', # localhost may not work on some hosting
'user' => '...',
'pwd' => '...', ];
if (!mysql_connect(DB['host'], DB['user'], DB['pwd'])) {
die(mysql_error());
} if (!mysql_query($query = 'SET SESSION old_passwords=FALSE')) {
die($query);
} if (!mysql_query($query = "SET PASSWORD = PASSWORD('" . DB['pwd'] . "')")) {
die($query);
}
echo "Excellent, mysqli will now work";
?>
you can do these line on your mysql query browser or something
SET old_passwords = 0;
UPDATE mysql.user SET Password = PASSWORD('testpass') WHERE User = 'testuser' limit 1;
SELECT LENGTH(Password) FROM mysql.user WHERE User = 'testuser';
FLUSH PRIVILEGES;
note:your username and password
after that it should able to work. I just solved mine too
On OSX, I used MacPorts to address the same problem when connecting to my siteground database. Siteground appears to be using 5.0.77mm0.1-log, but creating a new user account didn't fix the problem. This is what did
sudo port install php5-mysql -mysqlnd +mysql5
This downgrades the mysql driver that php will use.
Had the same issue, but executing the queries alone will not help. To fix this I did the following,
Set old_passwords=0 in my.cnf file
Restart mysql
Login to mysql as root user
Execute FLUSH PRIVILEGES;
If you do not have Administrator access to the MySQL Server configuration (i.e. you are using a hosting service), then there are 2 options to get this to work:
1) Request that the old_passwords option be set to false on the MySQL server
2) Downgrade PHP to 5.2.2 until option 1 occurs.
From what I've been able to find, the issue seems to be with how the MySQL account passwords are stored and if the 'old_passwords' setting is set to true. This causes a compatibility issue between MySQL and newer versions of PHP (5.3+) where PHP attempts to connect using a 41-character hash but the MySQL server is still storing account passwords using a 16-character hash.
This incompatibility was brought about by the changing of the hashing method used in MySQL 4.1 which allows for both short and long hash lengths (Scenario 2 on this page from the MySQL site: http://dev.mysql.com/doc/refman/5.5/en/password-hashing.html) and the inclusion of the MySQL Native Driver in PHP 5.3 (backwards compatibility issue documented on bullet 7 of this page from the PHP documentation: http://www.php.net/manual/en/migration53.incompatible.php).
IF,
You are using a shared hosting, and don't have root access.
you are getting the said error while connecting to a remote database ie: not localhost.
and your using Xampp.
and the code is running fine on live server, but the issue is only on your development machine running xampp.
Then,
It is highly recommended that you install xampp 1.7.0 . Download Link
Note: This is not a solution to the above problem, but a FIX which would allow you to continue with your development.

Remote mySQL connection throws "cannot connect to MySQL 4.1+ using the old insecure authentication" error from XAMPP

I'm running a local copy of WordPress on XAMPP/WinXP for development, but would like to maintain a connection to the remote database. I keep getting "Error establishing database connection" no matter what I try.
On the same PC, I can connect to the remote mySQL DB using any number of mySQL clients, and on the mySQL side, the both the user and the database are set to accept incoming requests from any wildcard domain. I can also easily ping the remote database server from my PC (though I don't know how to do it from WITHIN XAMPP).
Is XAMPP its own little universe that can't reach through to the outside world? Or is there something I'm clearly overlooking that's not letting me connect?
Errors
Warning: mysql_connect() [function.mysql-connect]: Premature end of data (mysqlnd_wireprotocol.c:553) in C:\xampp\htdocs\dbtest.php on line 5
Warning: mysql_connect() [function.mysql-connect]: OK packet 1 bytes shorter than expected in C:\xampp\htdocs\dbtest.php on line 5
Warning: mysql_connect() [function.mysql-connect]: mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication
Edit
Thanks to #Michael for suggesting I just create a simple connection script so I can get better insight into the actual error that's being thrown. This revealed that it had to do with the old_password setting in mySQL. See my Answer below for a full description of how to resolve this issue.
Here's the test script I put inside my xampp\htdocs folder and tested out:
<?php
$mysqli = new mysqli('my.server.address', 'user_name', 'password', 'database_name');
if ($mysqli->connect_error){
die ("Connect error: " . $mysqli->connect_error );
}
I'm not really clear on why this became an issue on my XAMPP installation, since I'm also running PHP 5.3.x on the server's local box and wasn't experiencing those issues there. However, it has to do with my mySQL server running in "old password" encryption mode. Newer versions of PHP won't allow those kinds of connections, so you need to update your mySQL server to use the newer password encryption. Here are the steps, assuming you have control over the mySQL server. If you don't, that falls out of the scope of my knowledge.
locate the configuration file for the mysql server called my.cnf. I found mine at /etc/my.cnf. You can edit it with sudo nano /etc/my.cnf
Look for a line that says old_passwords=1 and change that to old_passwords=0. You have now told the server that the next time it is run, and it is asked to encrypt a password using the PASSWORD() command, it use the new 41-character encryption rather than the 16-character 'old' style encryption
Now you have to restart your mysql server / service. YMMV, but on Fedora that was easily done with sudo service mysqld restart. Check your OS' instructions for restarting the mysql daemon or service
Now we have to actually edit our user table within mysql. So open up an interactive shell to mysql (on the server you can type mysql -uYourRootUsername -pYourRootPassword)
Change to the mysql database. This is the database that holds all the good stuff for server operation and authentication. You must have root access to work with this database. If you get an 'access denied' you're SOL. Sorry. use mysql; will switch to that database
Now we want to update the user that was giving you grief. Ultimately you'll probably want to update all your users, but for now, we're just focusing on the user that threw the error. update user set Password=password('YOUR_PASSWORD') where User='YOUR_USERNAME';
Now you just need to tell mysql to use the new password for authentication when that user attempts to connect. flush privileges;.
You should be good to go!