I want to access to MySQL db on an Ubuntu Server from another Web server.
I get my web server outgoing IP with this PHP script running on the Web server:
$realIP = file_get_contents("http://ipecho.net/plain");
echo "Real IP: $realIP<br>";
I opened the ufw port on the Mysql Server:
sudo ufw allow from realIP_result to any port 3306
I change the Mysql configuration file to accept remote connections:
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
and then edit updated the bind-address to 0.0.0.0:
bind-address = 0.0.0.0
I create the user on MySQL Server:
CREATE USER 'sammy'#'remote_server_ip' IDENTIFIED WITH mysql_native_password BY 'password';
I created in this way, but I also tried without the mysql_native_password.
I grant all to that user:
GRANT CREATE, ALTER, DROP, INSERT, UPDATE, DELETE, SELECT, REFERENCES, RELOAD on *.* TO 'sammy'#'remote_server_ip' WITH GRANT OPTION;
I flush privileges:
FLUSH PRIVILEGES;
And when I try to connect from the web server with this PHP script:
$conn2=mysqli_connect("MYSQLIP","sammy","password","mydbname");
// Check connection
if ($error = mysqli_connect_error($conn2)) {
echo "Failed to connect to MySQL: " . $error;
exit();
}
I get this error:
Warning: mysqli_connect(): (HY000/2002): Connection timed out in /customers/e/9/2/mysite/myscript.php on line XX Failed to connect to MySQL: Connection timed out
How can I resolve, or debug further?
Related
I have a connection problem with a mysql8 database, php7.3 and Symfony 5. The user and the password are correct !
The connection to MySQL8 database must be done from an SSH tunnel
The SSH tunnel is working :
ssh -p [remote_machine_port] -N -L [mysql_tunnel_port]: 127.0.0.1: 3306 -i / [directory] / private_key [username] # [remote_machine_ip]
MySQL access configuration:
GRANT ALL PRIVILEGES ON 'databasename'.* TO '[user]'#'%' WITH GRANT OPTION;
Doctrine configuration :
DATABASE_URL='mysql://[user]:[password]#127.0.0.1:[port_tunnel_mysql]/[databasename]'
An exception occurred in driver: SQLSTATE [HY000] [1130] Host '127.0.0.1' is not allowed to connect to this MySQL server
I have the same problem with heidiSQL and on the VM
I tried with the Ip of the VM instead of 127.0.0.1
ssh -p [port_machine_distant] -N -L [port_tunnel_mysql]:[ip_machine_vm]:3306 -i /[directory]/private_key [username]#[ip_machine_distant]
Doctrine configuration
DATABASE_URL='mysql://[user]:[password]#[ip_machine_vm]:[port_tunnel_mysql]/[databasename]'
An exception occurred in driver: SQLSTATE [HY000] [2002] Connection refused
However, this setting works with heidiSQL but not with the Symfony application !
Did I forget a setting on the VM or Mysql ?
127.0.0.1 connection issue :
We have created the '[user]'#'127.0.0.1' rights.
In MySQL, 127.0.0.1 uses the network and localhost uses the socket.
The message "The server requested authentication method unknown to the client [caching_sha2_password]" was caused because the setting 'default-authentication-plugin=mysql_native_password' was created after the creation of the rights.
We regenerated the rights, and now everything is working fine.
For some reason, I've been unable to connect remotely to my MySQL server. I've tried everything and I'm still getting errors.
root#server1:/home/administrator# mysql -u monty -p -h www.ganganadores.cl
Enter password:
ERROR 1045 (28000): Access denied for user 'monty'#'server1.ganganadores.cl' (using password: YES)
Now, I've tried running
GRANT ALL ON *.* to monty#localhost IDENTIFIED BY 'XXXXX';
GRANT ALL ON *.* to monty#'%' IDENTIFIED BY 'XXXXXX';`
and still nothing!
What I'm doing wrong?
EDIT: my.cnf has commented out the bind ip .
To expose MySQL to anything other than localhost you will have to have the following line
For mysql version 5.6 and below
uncommented in /etc/mysql/my.cnf and assigned to your computers IP address and not loopback
For mysql version 5.7 and above
uncommented in /etc/mysql/mysql.conf.d/mysqld.cnf and assigned to your computers IP address and not loopback
#Replace xxx with your IP Address
bind-address = xxx.xxx.xxx.xxx
Or add a
bind-address = 0.0.0.0 if you don't want to specify the IP
Then stop and restart MySQL with the new my.cnf entry. Once running go to the terminal and enter the following command.
lsof -i -P | grep :3306
That should come back something like this with your actual IP in the xxx's
mysqld 1046 mysql 10u IPv4 5203 0t0 TCP xxx.xxx.xxx.xxx:3306 (LISTEN)
If the above statement returns correctly you will then be able to accept remote users. However for a remote user to connect with the correct priveleges you need to have that user created in both the localhost and '%' as in.
CREATE USER 'myuser'#'localhost' IDENTIFIED BY 'mypass';
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypass';
then,
GRANT ALL ON *.* TO 'myuser'#'localhost';
GRANT ALL ON *.* TO 'myuser'#'%';
and finally,
FLUSH PRIVILEGES;
EXIT;
If you don't have the same user created as above, when you logon locally you may inherit base localhost privileges and have access issues. If you want to restrict the access myuser has then you would need to read up on the GRANT statement syntax HERE If you get through all this and still have issues post some additional error output and the my.cnf appropriate lines.
NOTE: If lsof does not return or is not found you can install it HERE based on your Linux distribution. You do not need lsof to make things work, but it is extremely handy when things are not working as expected.
UPDATE: If even after adding/changing the bind-address in my.cnf did not work, then go and change it in the place it was originally declared:
/etc/mysql/mariadb.conf.d/50-server.cnf
Add few points on top of apesa's excellent post:
1) You can use command below to check the ip address mysql server is listening
netstat -nlt | grep 3306
sample result:
tcp 0 0 xxx.xxx.xxx.xxx:3306 0.0.0.0:* LISTEN
2) Use FLUSH PRIVILEGES to force grant tables to be loaded if for some reason the changes not take effective immediately
GRANT ALL ON *.* TO 'user'#'localhost' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
GRANT ALL ON *.* TO 'user'#'%' IDENTIFIED BY 'passwd' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
user == the user u use to connect to mysql ex.root
passwd == the password u use to connect to mysql with
3) If netfilter firewall is enabled (sudo ufw enable) on mysql server machine, do the following to open port 3306 for remote access:
sudo ufw allow 3306
check status using
sudo ufw status
4) Once a remote connection is established, it can be verified in either client or server machine using commands
netstat -an | grep 3306
netstat -an | grep -i established
MySQL only listens to localhost, if we want to enable the remote access to it, then we need to made some changes in my.cnf file:
sudo nano /etc/mysql/my.cnf
We need to comment out the bind-address and skip-external-locking lines:
#bind-address = 127.0.0.1
# skip-external-locking
After making these changes, we need to restart the mysql service:
sudo service mysql restart
You are using ubuntu 12 (quite old one)
First, Open the /etc/mysql/mysql.conf.d/mysqld.cnf file (/etc/mysql/my.cnf in Ubuntu 14.04 and earlier versions
Under the [mysqld] Locate the Line,
bind-address = 127.0.0.1
And change it to,
bind-address = 0.0.0.0
or comment it
Then, Restart the Ubuntu MysQL Server
systemctl restart mysql.service
Now Ubuntu Server will allow remote access to the MySQL Server, But still you need to configure MySQL users to allow access from any host.
User must be 'username'#'%' with all the required grants
To make sure that, MySQL server listens on all interfaces, run the netstat command as follows.
netstat -tulnp | grep mysql
Hope this works !
If testing on Windows, don't forget to open port 3306.
In my case I was using MySql Server version: 8.0.22
I had to add
bind-address = 0.0.0.0
and change this line to be
mysqlx-bind-address = 0.0.0.0
in file at
/etc/mysql/mysql.conf.d
then restart MySQL by running
sudo service mysql restart
I was facing the same problem when I was trying to connect Mysql to a Remote Server. I had found out that I had to change the bind-address to the current private IP address of the DB server.
But when I was trying to add the bind-address =0.0.0.0 line in my.cnf file, it was not understanding the line when I tried to create a DB.
Upon searching, I found out the original place where bind-address was declared.
The actual declaration is in : /etc/mysql/mariadb.conf.d/50-server.cnf
Therefore I changed the bind-address directly there and then all seems working.
I am trying to connect to mysql using PHP in ubuntu LAMP. I can login to phpmyadmin , but not able to connect using php code. The code was working well in XAMPP .
I am using the following code
$con=mysql_connect("127.0.0.1","myusername","mypassword");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
But it shows the following error
Could not connect: Access denied for user 'root'#'localhost' (using password: YES)
There is 3 (that i know of) posible solutions to this depending on the problem.
There is a firewall in ubuntu that you need to open, you do this by granting access in IPtables.
/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT
And now we should be able to login to our server from our local machine:
mysql -h255.112.324.12 -uroot -pMyPASSWORD
You need to grant access to mysql: https://askubuntu.com/questions/159053/mysql-server-not-accessible-from-remote-machine
as root, open your /etc/mysql/my.cnf with your favorite editor
look for the [mysqld] section, and in there for the bind-address keyword. This usually is set to 127.0.0.1 -- change that to match your "normal" IP-address
save the file, and reload the service (e.g. using service mysql restart)
Last but not least you need to give remote access in mysql:
GRANT ALL ON mydb.* TO root#'%' IDENTIFIED BY 'MyPASSWORD';
Source: http://web.archive.org/web/20120930214828/http://chosencollective.com/technology/how-to-enable-remote-access-to-mysql + Many sleepless nights.
When i connect my database by a php script it shows
Could not connect: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)
the username and password is right.
something of the my.cnf
[client]
#password = your_password
port = 3306
socket = /data/mysql/mysql.sock
# Here follows entries for some specific programs
# The MySQL server
[mysqld]
port = 3306
socket = /data/mysql/mysql.sock
skip-external-locking
ps: i change it to socket = /var/lib/mysql/mysql.sock the php script still says "/var/lib/mysql/mysql.sock"?. then run
mysqladmin -u root -p status
it shows
mysqladmin: connect to server at 'localhost' failed
error: 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)'
Check that mysqld is running and that the socket: '/var/lib/mysql/mysql.sock' exists!
service mysqld restart
mysqld: unrecognized service
Q: Does your my.conf still says "/var/lib/mysql/mysql.sock"?
Q: Does the directory "/var/lib/mysql" exist?
Q: Does your mysql user (or better, mysql group) have writer permission?
If so, please try re-starting mysql and see what happens.
ADDENDUM:
One other thing to try is to create a mysql.sock and explicitly give it permissions:
cd /var/lib
mkdir mysql
touch mysql/mysql.sock
chown -R mysql:mysql mysql
I'm attempting to connect to a remote server, which I'll refer to as machine A. I've created a user following the instructions here
CREATE USER 'monty'#'localhost' IDENTIFIED BY 'some_pass';
GRANT ALL PRIVILEGES ON *.* TO 'monty'#'localhost'
WITH GRANT OPTION;
CREATE USER 'monty'#'%' IDENTIFIED BY 'some_pass';
GRANT ALL PRIVILEGES ON *.* TO 'monty'#'%'
WITH GRANT OPTION;
On machine A I can run the command
mysql -u monty -h website.com -p
This connects to sql with no problem. However, when attempting to do this from some machine B I receive the error:
ERROR 2003 (HY000): Can't connect to MySQL server on 'website.com' (113)
I've also commented out the following line:
# bind-address = 127.0.0.1
in the /etc/mysql/my.cnf file. Still no luck connecting from a remote connection. Any obvious things that I might be missing? Any feedback as always is very much appreciated.
I think it's your GRANT that needs fixing.
GRANT ALL PRIVILEGES ON *.* TO 'monty'#'localhost'
Might need to be
GRANT ALL PRIVILEGES ON *.* TO 'monty'#'website.com'
You're going to want to make sure things are secure though.
It's usually best practice to try not to allow outside mysql connects that aren't from localhost.
It looks like the 'website.com' address cannot be resolved from the machine B. Please try to connect the MySQL server using the IP address of machine A, i.e.:
mysql -u monty -h x.x.x.x -p
If it will work, please make sure you mapped the IP address of the machine A to the name 'website.com' correctly.
My problem was that the firewall was blocking the connection.
I was using CentOS 7 and was getting this error:
mysql -usomeuser -h192.168.194.4 -p somedb
ERROR 2003 (HY000): Can't connect to MySQL server on '192.168.194.4' (113)
So, I installed telnet to try and got this:
[root#vm3 config]# telnet 192.168.194.4 3306
Trying 192.168.194.4...
telnet: connect to address 192.168.194.4: No route to host
and as others noted, the error 113 is "No route to host" which is not a MySQL config issue.
I could have just opened 3306 to the world or just the one IP I was connecting from, but instead, I decided to create a new zone since it was for my ESX host's internal "hostonly" network.
On the host running MySQL (MariaDB), I ran these firewall commands:
firewall-cmd --new-zone=esxlocalhost --permanent
firewall-cmd --reload
firewall-cmd --zone=esxlocalhost --permanent --add-source=192.168.194.0/24
firewall-cmd --zone=esxlocalhost --permanent --add-port=3306/tcp
firewall-cmd --reload
Once that was done, I could connect on the client:
mysql -usomeuser -h192.168.194.4 -p somedb
Enter password:
And life was good