I have a MySQL database which i access through Java JDBC and it works correct in my local network(using localhost or 192.168.*.* local adress). But i also want to access it remotely from internet and when i connect to it using my global adress 176.214.186.243 (it is dynamyc adress but it stays still for 2 days of my tries) i get next error com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure
The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
In MySQL workbench i have priveleges showed on Picture(All ot them.
But i still cant connect to database using global IP.
What am i doing wrong?
mysql restricts access for any combination of user, table and remote address. In your case the user most likely can access everything locally, but not from extern (e.g for root this would be a good thing). This can be changed by:
GRANT ALL ON <database>.* TO 'client'#'%.%.%.%' IDENTIFIED BY '<a password for external usage>';
FLUSH PRIVILEGES;
<database>.* grants access to alle tables in <database>
I already added your username which seems to be client
%.%.%.% means any IP Adress where the 1.-4. digit can be anything
maybe you can limit the range of IPs or use a FQDN instead
<a password for external usage> is just for this connections and can be something else.
More infos here
you should grant the specified user the privilege to access from a certain IP address like:
GRANT [privileges|ALL PRIVILEGES] ON schema.table TO 'username'#'hostname'
IDENTIFIED BY 'password'
WITH GRANT OPTION;
FLUSH PRIVILEGES;
privileges can be operation names like select, drop and ... or if you want to grant all the privileges to a user set "ALL PRIVILEGES"
schema.table can just specified a single table or it may be something like . to support all the schemas and tables.
username which is also called role is abvious but it can be % to grant all the users the given privileges.
hostname can be ip or host name or as like as username can be % to grant the specified users the given privileges.
for further information use can follow https://dev.mysql.com/doc/refman/8.0/en/grant.html, https://stackoverflow.com/a/6239145/2137378
The mysql documentation is much more prefered. check you mysql version and continue the exact versions documentation on mysql.
Definitely, above descriptions are to let the mysql engine know its remote users and if there is some obstacles between these two like firewall should be resolved somehow. e.g. if you are on ubuntu you can check if the firewall is the main problem by disabling it using:
sudo ufw disable
After disabling the firewall and granting the privileges, remote access was ok then you know the firewall is the issue. to enable if use:
sudo ufw enable
This should be dead simple, but I cannot get it to work for the life of me.
I'm just trying to connect remotely to my MySQL server.
Connecting as:
mysql -u root -h localhost -p
works fine, but trying:
mysql -u root -h 'any ip address here' -p
fails with the error:
ERROR 1130 (00000): Host 'xxx.xx.xxx.xxx' is not allowed to connect to this MySQL server
In the mysql.user table, there is exactly the same entry for user 'root' with host 'localhost' as another with host '%'.
I'm at my wits' end and have no idea how to proceed.
Any ideas are welcome.
Possibly a security precaution. You could try adding a new administrator account:
mysql> CREATE USER 'monty'#'localhost' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'#'localhost'
-> WITH GRANT OPTION;
mysql> CREATE USER 'monty'#'%' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'#'%'
-> WITH GRANT OPTION;
Although as Pascal and others have noted it's not a great idea to have a user with this kind of access open to any IP. If you need an administrative user, use root, and leave it on localhost. For any other action specify exactly the privileges you need and limit the accessibility of the user as Pascal has suggest below.
Edit:
From the MySQL FAQ:
If you cannot figure out why you get
Access denied, remove from the user
table all entries that have Host
values containing wildcards (entries
that contain '%' or '_' characters). A
very common error is to insert a new
entry with Host='%' and
User='some_user', thinking that this
allows you to specify localhost to
connect from the same machine. The
reason that this does not work is that
the default privileges include an
entry with Host='localhost' and
User=''. Because that entry has a Host
value 'localhost' that is more
specific than '%', it is used in
preference to the new entry when
connecting from localhost! The correct
procedure is to insert a second entry
with Host='localhost' and
User='some_user', or to delete the
entry with Host='localhost' and
User=''. After deleting the entry,
remember to issue a FLUSH PRIVILEGES
statement to reload the grant tables.
See also Section 5.4.4, “Access
Control, Stage 1: Connection
Verification”.
One has to create a new MySQL User and assign privileges as below in Query prompt via phpMyAdmin or command prompt:
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'localhost' WITH GRANT OPTION;
CREATE USER 'username'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Once done with all four queries, it should connect with username / password
My error message was similar and said 'Host XXX is not allowed to connect to this MySQL server' even though I was using root. Here's how to make sure that root has the correct permissions.
My setup:
Ubuntu 14.04 LTS
MySQL v5.5.37
Solution
Open up the file under etc/mysql/my.cnf
Check for:
port (by default this is port = 3306)
bind-address (by default this is bind-address = 127.0.0.1; if you want to open to all then just comment out this line. For my example, I'll say the actual server is on 10.1.1.7)
Now access the MySQL Database on your actual server (say your remote address is 123.123.123.123 at port 3306 as user root and I want to change permissions on database 'dataentry'. Remember to change the IP Address, Port, and database name to your settings)
mysql -u root -p
Enter password: <enter password>
mysql>GRANT ALL ON *.* to root#'123.123.123.123' IDENTIFIED BY 'put-your-password';
mysql>FLUSH PRIVILEGES;
mysql>exit
sudo service mysqld restart
You should now be able to remote connect to your database. For example, I'm using MySQL Workbench and putting in 'Hostname:10.1.1.7', 'Port:3306', 'Username:root'
Just perform the following steps:
Connect to MySQL (via localhost)
mysql -uroot -p
If the MySQL server is running in Kubernetes (K8s) and being accessed via a NodePort
kubectl exec -it [pod-name] -- /bin/bash
mysql -uroot -p
Create user
CREATE USER 'user'#'%' IDENTIFIED BY 'password';
Grant permissions
GRANT ALL PRIVILEGES ON *.* TO 'user'#'%' WITH GRANT OPTION;
Flush privileges
FLUSH PRIVILEGES;
You need to grant access to the user from any hostname.
This is how you add new privilege from phpmyadmin
Goto Privileges > Add a new User
Select Any Host for the desired username
Simple way:
Grant All Privileges ON *.* to 'USER_NAME'#'%' Identified By 'YOUR_PASSWORD';
then
FLUSH PRIVILEGES;
done!
The message *Host ''xxx.xx.xxx.xxx'' is not allowed to connect to this MySQL server is a reply from the MySQL server to the MySQL client. Notice how its returning the IP address and not the hostname.
If you're trying to connect with mysql -h<hostname> -u<somebody> -p and it returns this message with the IP address, then the MySQL server isn't able to do a reverse lookup on the client. This is critical because thats how it maps the MySQL client to the grants.
Make sure you can do an nslookup <mysqlclient> FROM the MySQL server. If that doesn't work, then there's no entry in the DNS server. Alternatively, you can put an entry in the MySQL server's HOSTS file (<ipaddress> <fullyqualifiedhostname> <hostname> <- The order here might matter).
An entry in my server's host file allowing a reverse lookup of the MySQL client solved this very problem.
This working for any future remote mysql connection !
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
Navigate to the line that begins with the bind-address directive. It should look like this:
bind-address = 0.0.0.0
Login to your mysql as root terminal
mysql -u root -p
-- root password
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'localhost' WITH GRANT OPTION;
CREATE USER 'username'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;
finally Grant that machine exclusive permission to connect to the database remotely with the following command.
sudo ufw allow from remote_IP_address to any port 3306
If you modify the grant tables manually (using INSERT, UPDATE, etc.), you should execute
a FLUSH PRIVILEGES statement to tell the server to reload the grant tables.
PS: I wouldn't recommend to allow any host to connect for any user (especially not the root use). If you are using mysql for a client/server application, prefer a subnet address. If you are using mysql with a web server or application server, use specific IPs.
Just use the interface provided by MySql's GUI Tool (SQLyog):
Click on User manager:
Now, if you want to grant access FOR ANY OTHER REMOTE PC, just make sure that, just like in the underneath picture, the Host field value is % (which is the wildcard)
Most of the answers here show you creating users with two host values: one for localhost, and one for %.
Please note that except for a built-in localhost user like root, you don't need to do this. If you simply want to make a new user that can log in from anywhere, you can use
CREATE USER 'myuser'#'%' IDENTIFIED BY 'mypassword';
GRANT <whatever privileges are appropriate> ON <relevant tables> TO myuser;
and it will work just fine. (As others have mentioned, it's a terrible idea to grant administrative privileges to a user from any domain.)
If you are using MySQL WorkBench, you can achieve this easily:
From the menu, select Server -> Users And Privileges
On the lower left, click on "Add account"
Fill the form with username, host matching (% means every host) and the password
Click on "Apply" on the lower right
After this you are good to go. Then, if you want to refine your configuration, you can use the "Administrative Roles" tab to set the command that can be used by the user (SELECT, ALTER etc etc) and the "Schema privileges" tab to restrict the user interaction to specific schemas.
Well, nothing of the above answer worked for me. After a lot of research, I found a solution. Though I may be late this may help others in future.
Login to your SQL server from a terminal
mysql -u root -p
-- root password
GRANT ALL ON *.* to root#'XX.XXX.XXX.XX' IDENTIFIED BY 'password';
This should solve the permission issue.
Happy coding!!
simple way is to login to phpmyadmin with root account , there goto mysql database and select user table , there edit root account and in host field add % wild card . and then through ssh flush privileges
FLUSH PRIVILEGES;
If this is a recent mysql install, then before changing anything else, try simply to execute this command and then try again:
flush privileges;
This alone fixes the issue for me on Ubuntu 16.04, mysql 5.7.20. YMMV.
Just find a better way to do that from your hosting control panel (I'm using DirectAdmin here)
simply go to the target server DB in your control panel, in my case:
MySQL management -> select your DB -> you will find: "Access Hosts", simply add your remote host here and its working now!
I guess there is a similar option on other C.panels like plesk, etc..
I'm hope it was helpful to you too.
If you happen to be running on Windows; A simple solution is to run the MySQL server instance configuration wizard. It is in your MYSQL group in the start menu. On the second from last screen click the box that says "allow root access from remote machines".
CREATE USER 'username'#'localhost' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
this error because no password to the root , and this Maybe occurred with you when you trying to connect from outside .
If you have WAMP Server + Windows 10 and you are using it for development than Right Click on Wamp Icon => Wamp Settings => Check Allow Virtual Hosts other than 127*
I was also facing same issue, It resolved in 2 min for me i just white list ip through cpanel
Suppose you are trying to connect database of server B from server A.
Go to Server B Cpanel->Remote MySQL-> enter Server A IP Address and That's it.
Well what you can do is just open mysql.cfg file and you have to change Bind-address to this
bind-address = 127.0.0.1
and then Restart mysql and you will able to connect that server to this.
Look this you can have idea form that.
this is real sol
This answer might help someone...
All these answers didnt help, then I realised I forgot to check one crucial thing.. The port :)
I have mysql running in a docker container running on a different port. I was pointing to my host machine on port 3306, which I have a mysql server running on. My container exposes the server on port 33060. So all this time, i was looking at the wrong server! doh!
This working for DirectAdmin;
Go to your DirectAdmin.
Go to your MySQL Management.
Select your database.
Under your Accesse Host tab, there is a field.
You should fill this field by xxx.xx.xxx.xx.
Click on Add Host.
Finished. Now you can access to this DB by your your_database_username & your_database_password.
So Simple!
CPANEL solution
Go to Cpanel, look for Remote MySQL.
Add the the IP in the input field:
Host (% wildcard is allowed)
Comment to remember what IP that is.
That was it for me.
1. From a terminal, connect you to your MySQL running container
docker exec -it your_container_name_or_id bash
2. In your container, connect you to the MySQL database
mysql -u your_user -p
enter your password to connect to database.
3. execute this SQL script to list all existing database users:
SELECT host, user FROM mysql.user;
The result will be some thing like below:
host
user
127.0.0.1
root
::1
root
localhost
mysql.sys
localhost
root
you should add a new row:
host
user
%
root
CREATE USER 'username'#'%' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON *.* TO 'username'#'%' WITH GRANT OPTION;
Some tips:
list privileges using show grants;
create a VPN and just add the ip of the tunnel
Problem: root#localhost is unable to connect to a fresh installation of mysql-community-server on openSUSE 42.2-1.150.x86_64.
Mysql refuses connections - period.
Solution:
$ ls -l /var/lib/mysql/mysql/user.*
-rw-rw---- 1 mysql mysql 0 Apr 29 19:44 /var/lib/mysql/mysql/user.MYD
-rw-rw---- 1 mysql mysql 1024 Apr 29 19:44 /var/lib/mysql/mysql/user.MYI
-rw-rw---- 1 mysql mysql 10684 Apr 29 19:44 /var/lib/mysql/mysql/user.frm
File user.MYD has 0 size (really ?!).
I copied all 3 files from another working system.
$ /usr/sbin/rcmysql stop
$ cd /var/lib/mysql/mysql/
$ scp root#othersytem:/var/lib/mysql/mysql/user.* ./
$ /usr/sbin/rcmysql start
$ cd -
$ mysql -u root -p
I was able to log in. Then, it was just a matter of re-applying all schema privileges.
Also, if you disabled IPv6, re-enable it temporary so that root#::1 account can also work.
if you are trying to execute mysql query withouth defining connectionstring, you will get this error.
Probably you forgat to define connection string before execution. have you check this out?
(sorry for bad english)
All of the answers here didn't work in my case so I guest this may help other users in the future. This can also be a problem in our code, not just in MySQL alone.
If you are using VB.NET
Instead of this code:
Dim server As String = My.Settings.DB_Server
Dim username As String = My.Settings.DB_Username
Dim password As String = My.Settings.DB_Password
Dim database As String = My.Settings.DB_Database
MysqlConn.ConnectionString = "server=" & server & ";" _
& "user id=" & username & ";" _
& "password=" & password & ";" _
& "database=" & database
MysqlConn = New MySqlConnection()
You need to move MysqlConn = New MySqlConnection() on the first line. So it would be like this
MysqlConn = New MySqlConnection()
Dim server As String = My.Settings.DB_Server
Dim username As String = My.Settings.DB_Username
Dim password As String = My.Settings.DB_Password
Dim database As String = My.Settings.DB_Database
MysqlConn.ConnectionString = "server=" & server & ";" _
& "user id=" & username & ";" _
& "password=" & password & ";" _
& "database=" & database
I have been trying to to connect to MySql data base which uses ssl connection with java and having trouble, if any one can help me will be of great help.
Manual Connection to MySql:
We use MySQL Workbench , parameters - Hostname - "test-db1-ro-xxxxxx.net" , Port - 3306 , User Name , Password.
There is a SSL CA File - mysql-ssl-ca-cert.pem , the manual connection is successful.
I tried the same in java (in windows system)
My code:
String url = "jdbc:mysql://test-db1-ro.apdev.XXXXXX.net:3306/database";
String driver = "com.mysql.jdbc.Driver";
String userName = "XXXXXXXX";
String password = "XXXXXXXX";
Class.forName(driver).newInstance();
Connection conn = DriverManager.getConnection(url,userName,password);
when i run the code i get an error as "Access Denied"
I am thinking it is due to the SSL Connection.
I am not able to know how to use the .pem file to make a secure connection to database in this case.
Can some one help, have done various things but always get the same access denied error.
Full StackTrace:
java.sql.SQLException: Access denied for user 'xxxxxxxx' (using password: YES)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:946)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:2985)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:885)
at com.mysql.jdbc.MysqlIO.secureAuth411(MysqlIO.java:3421)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1247)
at com.mysql.jdbc.Connection.createNewIO(Connection.java:2775)
at com.mysql.jdbc.Connection.<init>(Connection.java:1555)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:285)
at java.sql.DriverManager.getConnection(DriverManager.java:571)
at java.sql.DriverManager.getConnection(DriverManager.java:215)
at TestDBConnection.main(TestDBConnection.java:34)
You have trouble authenticating.
On the MySql terminal:
GRANT ALL ON *.* TO 'user'#'%' IDENTIFIED BY 'password';
FLUSH PRIVILEGES;
If problem still persists:
GRANT ALL ON *.* TO 'user'#'%' WITH GRANT OPTION;
This command grants you superuser privileges.
FLUSH PRIVILEGES;
To make sure your privileges are loaded.
NB: Do not use this account on websites with public access.