Remote Connections Mysql Ubuntu
For some reason, I’ve been unable to connect remotely to my MySQL server. I’ve tried everything and I’m still getting errors.
root@server1:/home/administrator# mysql -u monty -p -h www.ganganadores.cl Enter password: ERROR 1045 (28000): Access denied for user 'monty'@'server1.ganganadores.cl' (using password: YES)
GRANT ALL ON *.* to monty@localhost IDENTIFIED BY 'XXXXX'; GRANT ALL ON *.* to monty@'%' IDENTIFIED BY 'XXXXXX';`
7 Answers 7
To expose MySQL to anything other than localhost you will have to have the following line
For mysql version 5.6 and below
uncommented in /etc/mysql/my.cnf and assigned to your computers IP address and not loopback
For mysql version 5.7 and above
uncommented in /etc/mysql/mysql.conf.d/mysqld.cnf and assigned to your computers IP address and not loopback
#Replace xxx with your IP Address bind-address = xxx.xxx.xxx.xxx
Or add a bind-address = 0.0.0.0 if you don’t want to specify the IP
Then stop and restart MySQL with the new my.cnf entry. Once running go to the terminal and enter the following command.
That should come back something like this with your actual IP in the xxx’s
mysqld 1046 mysql 10u IPv4 5203 0t0 TCP xxx.xxx.xxx.xxx:3306 (LISTEN)
If the above statement returns correctly you will then be able to accept remote users. However for a remote user to connect with the correct priveleges you need to have that user created in both the localhost and ‘%’ as in.
CREATE USER 'myuser'@'localhost' IDENTIFIED BY 'mypass'; CREATE USER 'myuser'@'%' IDENTIFIED BY 'mypass';
GRANT ALL ON *.* TO 'myuser'@'localhost'; GRANT ALL ON *.* TO 'myuser'@'%';
If you don’t have the same user created as above, when you logon locally you may inherit base localhost privileges and have access issues. If you want to restrict the access myuser has then you would need to read up on the GRANT statement syntax HERE If you get through all this and still have issues post some additional error output and the my.cnf appropriate lines.
NOTE: If lsof does not return or is not found you can install it HERE based on your Linux distribution. You do not need lsof to make things work, but it is extremely handy when things are not working as expected.
UPDATE: If even after adding/changing the bind-address in my.cnf did not work, then go and change it in the place it was originally declared:
/etc/mysql/mariadb.conf.d/50-server.cnf
Настройка удаленного подключения к MySQL
Материал статьи предназначен для начинающих, профессионалы Хабра в большинстве не нуждаются в изложении этого вопроса. Тем не менее, те, кто делает первые шаги в работе с MySQL часто задают подобные вопросы. Статья написан для тех, кто впервые столкнулся с необходимостью установить удаленное соединение с базой данных MySQL. В статье рассказывается о сложностях, которые могут возникнуть при настройке удаленного соединения и о методах их преодоления.
Как установить соединение с удаленной базой?
Из четырех возможных протоколов удаленное подключение позволяет только TCP/IP, поэтому первым требованием является доступность компьютера из сети по TCP/IP.
Далее необходимо добавить имя хоста (или ip адрес машины, на которой расположена база) в строке подключения:
mysql —host=host_name
Обратите внимание, что указание в качестве имени хоста значения localhost (или же отсутствие такого параметра, что то же самое, так как это дефолтное значение) приводит к обращению на локальную машину.
Как настроить соединение с удаленной базой?
В MySQL пользователь характеризуется двумя параметрами: именем и хостом, с которого он может обращаться. По умолчанию доступ разрешен только с локальной машины, т.е. для пользователя user@localhost. Права на доступ пользователям даются с помощью команды GRANT. Команда выполняется под рутом.
Например, если я хочу создать юзера, который сможет коннектиться с любого хоста с полными правами, то следует выполнить следующую команду:
GRANT ALL PRIVILEGES ON `имя_базы`.* TO myuser@% IDENTIFIED BY ‘пароль’;
Примечание. Обратите внимание, что данная команда дает доступ пользователю myuser со всех IP кроме 127.0.0.1, соответсвующего localhost.
Для пользователя myuser@localhost необходимо давать права отдельной командой GRANT.
Если вы решите обратиться к локальной машине как к удаленной, используя протокол TCP/IP, то не забывайте, что myuser@localhost и myuser@ip_собственного_компа это разные пользователи и каждому из них права нужно давать отдельной командой.
Второй пример показывает как дать право читать таблицу time_zone в базе mysql пользователю myuser с машины 192.168.0.76
с паролем mypassy:
GRANT SELECT ON mysql.time_zone TO myuser@192.168.0.76 IDENTIFIED BY ‘mypassy’;
Возникающие сложности
Если после всех действий у вас возникает ошибка
(Can’t connect to Mysql Server on ‘ваш IP'(10061)),
значит соединение блокирует firewall (windows firewall, outpost, антивирус или еще что-то).
Если возникает ошибка
(Client does not support autentification protocol request by server; consider upgrading MySQL client), клиент (то есть ваша программа) не поддерживает требуемый сервером протокол.
Эту ошибку можно исправить, установив пароль старого формата:
SET PASSWORD FOR user@host = OLD_PASSWORD(‘password’);
Linux mysql connect host
MySQL 8.0 Reference Manual Including MySQL NDB Cluster 8.0
4.2.4 Connecting to the MySQL Server Using Command Options
This section describes use of command-line options to specify how to establish connections to the MySQL server, for clients such as mysql or mysqldump . For information on establishing connections using URI-like connection strings or key-value pairs, for clients such as MySQL Shell, see Section 4.2.5, “Connecting to the Server Using URI-Like Strings or Key-Value Pairs”. For additional information if you are unable to connect, see Section 6.2.22, “Troubleshooting Problems Connecting to MySQL”.
For a client program to connect to the MySQL server, it must use the proper connection parameters, such as the name of the host where the server is running and the user name and password of your MySQL account. Each connection parameter has a default value, but you can override default values as necessary using program options specified either on the command line or in an option file.
The examples here use the mysql client program, but the principles apply to other clients such as mysqldump , mysqladmin , or mysqlshow .
This command invokes mysql without specifying any explicit connection parameters:
Because there are no parameter options, the default values apply:
- The default host name is localhost . On Unix, this has a special meaning, as described later.
- The default user name is ODBC on Windows or your Unix login name on Unix.
- No password is sent because neither —password nor -p is given.
- For mysql, the first nonoption argument is taken as the name of the default database. Because there is no such argument, mysql selects no default database.
To specify the host name and user name explicitly, as well as a password, supply appropriate options on the command line. To select a default database, add a database-name argument. Examples:
mysql --host=localhost --user=myname --password=password
mydb mysql -h localhost -u myname -ppassword
mydb
For password options, the password value is optional:
- If you use a —password or -p option and specify a password value, there must be no space between —password= or -p and the password following it.
- If you use —password or -p but do not specify a password value, the client program prompts you to enter the password. The password is not displayed as you enter it. This is more secure than giving the password on the command line, which might enable other users on your system to see the password line by executing a command such as ps . See Section 6.1.2.1, “End-User Guidelines for Password Security”.
- To explicitly specify that there is no password and that the client program should not prompt for one, use the —skip-password option.
As just mentioned, including the password value on the command line is a security risk. To avoid this risk, specify the —password or -p option without any following password value:
mysql --host=localhost --user=myname --password mydb mysql -h localhost -u myname -p mydb
When the —password or -p option is given with no password value, the client program prints a prompt and waits for you to enter the password. (In these examples, mydb is not interpreted as a password because it is separated from the preceding password option by a space.)
On some systems, the library routine that MySQL uses to prompt for a password automatically limits the password to eight characters. That limitation is a property of the system library, not MySQL. Internally, MySQL does not have any limit for the length of the password. To work around the limitation on systems affected by it, specify your password in an option file (see Section 4.2.2.2, “Using Option Files”). Another workaround is to change your MySQL password to a value that has eight or fewer characters, but that has the disadvantage that shorter passwords tend to be less secure.
Client programs determine what type of connection to make as follows:
- On Windows, the client connects using shared memory, if the server was started with the shared_memory system variable enabled to support shared-memory connections.
- On Unix, MySQL programs treat the host name localhost specially, in a way that is likely different from what you expect compared to other network-based programs: the client connects using a Unix socket file. The —socket option or the MYSQL_UNIX_PORT environment variable may be used to specify the socket name.
The —protocol option enables you to use a particular transport protocol even when other options normally result in use of a different protocol. That is, —protocol specifies the transport protocol explicitly and overrides the preceding rules, even for localhost .
Only connection options that are relevant to the selected transport protocol are used or checked. Other connection options are ignored. For example, with —host=localhost on Unix, the client attempts to connect to the local server using a Unix socket file, even if a —port or -P option is given to specify a TCP/IP port number.
To ensure that the client makes a TCP/IP connection to the local server, use —host or -h to specify a host name value of 127.0.0.1 (instead of localhost ), or the IP address or name of the local server. You can also specify the transport protocol explicitly, even for localhost , by using the —protocol=TCP option. Examples:
mysql --host=127.0.0.1 mysql --protocol=TCP
If the server is configured to accept IPv6 connections, clients can connect to the local server over IPv6 using —host=::1 . See Section 5.1.13, “IPv6 Support”.
On Windows, to force a MySQL client to use a named-pipe connection, specify the —pipe or —protocol=PIPE option, or specify . (period) as the host name. If the server was not started with the named_pipe system variable enabled to support named-pipe connections or if the user making the connection is not a member of the Windows group specified by the named_pipe_full_access_group system variable, an error occurs. Use the —socket option to specify the name of the pipe if you do not want to use the default pipe name.
Connections to remote servers use TCP/IP. This command connects to the server running on remote.example.com using the default port number (3306):
mysql --host=remote.example.com
To specify a port number explicitly, use the —port or -P option:
mysql --host=remote.example.com --port=13306
You can specify a port number for connections to a local server, too. However, as indicated previously, connections to localhost on Unix use a socket file by default, so unless you force a TCP/IP connection as previously described, any option that specifies a port number is ignored.
For this command, the program uses a socket file on Unix and the —port option is ignored:
mysql --port=13306 --host=localhost
To cause the port number to be used, force a TCP/IP connection. For example, invoke the program in either of these ways:
mysql --port=13306 --host=127.0.0.1 mysql --port=13306 --protocol=TCP
For additional information about options that control how client programs establish connections to the server, see Section 4.2.3, “Command Options for Connecting to the Server”.
It is possible to specify connection parameters without entering them on the command line each time you invoke a client program:
- Specify the connection parameters in the [client] section of an option file. The relevant section of the file might look like this:
[client] host=host_name
user=user_name
password=password
- To specify the host for mysql, use MYSQL_HOST .
- On Windows, to specify the MySQL user name, use USER .
For a list of supported environment variables, see Section 4.9, “Environment Variables”.