How Do I Enable Remote Access To MySQL Database Server?

by on March 31, 2006 · 158 comments· LAST UPDATED July 20, 2013

in , ,

By default remote access to the MySQL database server is disabled for security reasons. However, some time you need to provide remote access to database server from home or a web server. This post will explain how to setup a user account and access mysql server remotely.

Task: MySQL Server Remote Access

You need type the following commands which will allow remote connections.

Step # 1: Login Using SSH (if server is outside your data center)

First, login over ssh to remote MySQL database server. You may need to login to your MySQL server as the root user:

ssh user@server1.cyberciti.biz
### login as the root using su or sudo ##
su
#sudo -s
 

OR directly login as root user:

ssh root@server1.cyberciti.biz

Step # 2: Edit the my.cnf file

Once connected you need to edit the MySQL server configuration file my.cnf using a text editor such as vi:

  • If you are using Debian Linux file is located at /etc/mysql/my.cnf location.
  • If you are using Red Hat Linux/Fedora/Centos Linux file is located at /etc/my.cnf location.
  • If you are using FreeBSD you need to create a file /var/db/mysql/my.cnf location.

Edit the /etc/my.cnf, run:
# vi /etc/my.cnf

Step # 3: Once file opened, locate line that read as follows

[mysqld] 

Make sure line skip-networking is commented (or remove line) and add following line

bind-address=YOUR-SERVER-IP

For example, if your MySQL server IP is 65.55.55.2 then entire block should be look like as follows:

[mysqld]
user            = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
basedir         = /usr
datadir         = /var/lib/mysql
tmpdir          = /tmp
language        = /usr/share/mysql/English
bind-address    = 65.55.55.2
# skip-networking
....
..
....

Where,

  • bind-address: IP address to bind to.
  • skip-networking : Don’t listen for TCP/IP connections at all. All interaction with mysqld must be made via Unix sockets. This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.

Step# 4 Save and Close the file

If you are using Debian / Ubuntu Linux, type the following command to restart the mysql server:
# /etc/init.d/mysql restart
If you are using RHEL / CentOS / Fedora / Scientific Linux, type the following command to restart the mysql server:
# /etc/init.d/mysqld restart
If you are using FreeBSD, type the following command to restart the mysql server:
# /usr/local/etc/rc.d/mysql-server stop
# /usr/local/etc/rc.d/mysql-server start

OR
# /usr/local/etc/rc.d/mysql-server restart

Step # 5 Grant access to remote IP address

Connect to mysql server:
$ mysql -u root -p mysql

Grant access to a new database

If you want to add a new database called foo for user bar and remote IP 202.54.10.20 then you need to type the following commands at mysql> prompt:mysql> CREATE DATABASE foo;
mysql> GRANT ALL ON foo.* TO bar@'202.54.10.20' IDENTIFIED BY 'PASSWORD';

How Do I Grant Access To An Existing Database?

Let us assume that you are always making connection from remote IP called 202.54.10.20 for database called webdb for user webadmin, To grant access to this IP address type the following command At mysql> prompt for existing database, enter:
mysql> update db set Host='202.54.10.20' where Db='webdb';
mysql> update user set Host='202.54.10.20' where user='webadmin';

Step # 6: Logout of MySQL

Type exit command to logout mysql:mysql> exit

Step # 7: Open port 3306

You need to open TCP port 3306 using iptables or BSD pf firewall.

A sample iptables rule to open Linux iptables firewall

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT

OR only allow remote connection from your web server located at 10.5.1.3:

/sbin/iptables -A INPUT -i eth0 -s 10.5.1.3 -p tcp --destination-port 3306 -j ACCEPT

OR only allow remote connection from your lan subnet 192.168.1.0/24:

/sbin/iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --destination-port 3306 -j ACCEPT

Finally save all rules (RHEL / CentOS specific command):
# service iptables save

A sample FreeBSD / OpenBSD pf rule ( /etc/pf.conf)

pass in on $ext_if proto tcp from any to any port 3306

OR allow only access from your web server located at 10.5.1.3:

pass in on $ext_if proto tcp from 10.5.1.3 to any port 3306  flags S/SA synproxy state

Step # 8: Test it

From your remote system or your desktop type the following command:
$ mysql -u webadmin –h 65.55.55.2 –p
Where,

  • -u webadmin: webadmin is MySQL username
  • -h IP or hostname: 65.55.55.2 is MySQL server IP address or hostname (FQDN)
  • -p : Prompt for password

You can also use the telnet or nc command to connect to port 3306 for testing purpose:
$ echo X | telnet -e X 65.55.55.2 3306
OR
$ nc -z -w1 65.55.55.2 3306
Sample outputs:

Connection to 65.55.55.2 3306 port [tcp/mysql] succeeded!
TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 158 comments… read them below or add one }

1 van May 4, 2006 at 4:23 am

Could you tell us how to setup proper MySQL client program on remote machine first?
As far as I now, even if we ONLY install MySQL client program on remote machine, it will generate a my.cnf file. Whenever you issue mysql command on remote machine, this file will be consulted and thus, the client will attempt to connect to a non-exist local MySQL sever rather than your remote server.

Reply

2 nixcraft May 4, 2006 at 11:29 am

To be frank you don’t need to setup my.cnf for client configuration. All you need to do is specify remote mysql host with –h option. For example to connect remote mysql server called dbserver.nixcraft.in you need to type command as follows:
$ mysql –u vivek –h dbserver.nixcraft.in -p

OR if you with to use MySQL server ip address (192.168.1.101):

$ mysql –u vivek –h 192.168.1.101 -p

Reply

3 Jhunivegn Saavedra July 29, 2010 at 7:59 am

Absolutely right! because I’d tried it how many times. And and I found it was right.

Reply

4 sachind August 26, 2010 at 12:37 pm

There is no need to setup in my.cnf, without configuration it works fine for remote address.

Reply

5 Rahul Gamit October 4, 2011 at 8:14 am

Sachid: can you please tell me how can i configure without updating my.cnf file ?

Reply

6 Sohaib June 15, 2013 at 3:50 pm

run mysql_secure_installation and follow the simple wizard

Reply

7 Abject Eminence September 23, 2006 at 8:18 am

nixcraft said…
To be frank you don’t need to setup my.cnf for client configuration. All you need to do is specify remote mysql host with –h option. For example to connect remote mysql server called dbserver.nixcraft.in you need to type command as follows:
$ mysql –u vivek –h dbserver.nixcraft.in -p
OR if you with to use MySQL server ip address (192.168.1.101):
$ mysql –u vivek –h 192.168.1.101 -p
5/04/2006 11:29 AM

+—————————————————-+
This didn’t work at all. BTW, who is “vivek”? Is that your client machine?
Anyhow, the host server keeps telling me that my client computer is not allowed to connect. There must be more to it that I am missing.
+—————————————————–+

Reply

8 nixcraft September 24, 2006 at 3:15 am

vivek is username and 192.168.1.101 is server IP. You need to setup correct permission using GRANT command (see above for an example).

Reply

9 Anonymous September 25, 2006 at 3:34 pm

I’m having a problem accessing the file:

~
“/etc/my.cnf” [New File]

[1]+ Stopped vi /etc/my.cnf
[mysql5@serv mysql5]$ vi /etc/my.cnf

please help.

Reply

10 Anonymous September 25, 2006 at 3:34 pm

I’m having a problem accessing the file:

~
“/etc/my.cnf” [New File]

[1]+ Stopped vi /etc/my.cnf
[mysql5@serv mysql5]$ vi /etc/my.cnf

please help.

Reply

11 roshan March 25, 2011 at 6:53 am

hai
just through out ur machine and buy some real man

Reply

12 Phaedrus November 21, 2013 at 5:30 am

Roshan, learn some English please..

Reply

13 Dan November 21, 2013 at 7:10 am

It sounds like you’re not saving your file but instead backgrounding it. To save, :wq will save and quit in vi/vim.

Reply

14 nixcraft September 25, 2006 at 11:42 pm

/etc/my.cnf is standard location. But location is depend upon mysql version and Linux distro. Use find command to find out my.cnf. Type the following command as root user:

find / -iname my.cnf

Reply

15 mac October 21, 2006 at 1:30 am

Before I have this response from
> mysql -h hostname -u username -p
ERROR 2003 (HY000): Can’t connect to MySQL server on (113)

After following your solution. I got this response

mysql Ver 14.12 Distrib 5.0.22, for redhat-linux-gnu (i686) using readline 5.0
Copyright (C) 2002 MySQL AB
This software comes with ABSOLUTELY NO WARRANTY. This is free software,
and you are welcome to modify and redistribute it under the GPL license
Usage: mysql [OPTIONS] [database]
-?, –help Display this help and exit.
-I, –help Synonym for -?
–auto-rehash Enable automatic rehashing. One doesn’t need to use

I check connectivity using ping host
and got response
icmp_seq=0 ttl=64 time=0.542 ms
meaning i have connectivity

Is there something i missed?

Reply

16 mac October 21, 2006 at 1:45 am

I tried telnet for connectivity

$telnet ipaddr
Trying ipaddr…
telnet: connect to address ipaddr: No route to host
telnet: Unable to connect to remote host: No route to host

do i have a problem with my ipaddr?

Reply

17 roshan March 25, 2011 at 6:58 am

Hai
first provide the static ip add man
then it will connect automatic

Reply

18 Dan November 21, 2013 at 7:15 am

You will need to provide the port number to telnet to, as well. Telnet defaults to port 21, and that’s not the port MySQL uses. Also, ipaddr will need to be the IP address of the MySQL machine.

Reply

19 matt January 18, 2007 at 12:01 am

thanks, this helped me out.

Reply

20 Jimaco March 7, 2007 at 7:10 am

Do not forget to adjust your iptables file (/etc/sysconfig/iptables usually) to allow connections on that port. Typically you will find that TCP connections are enabled on port 22 (ssh) and port 80 (http). Add an entry for port 3306

Reply

21 CptBeluga April 10, 2007 at 9:10 pm

Using Fedora 6 as host and added port 3306 to
/etc/sysconfig/ip6tables and /etc/sysconfig/iptables

For the ip6table file the formatted line is;
-A RH-Firewall-1-INPUT -m tcp -p tcp –dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -m tcp -p tcp –sport 3306 -j ACCEPT

Reply

22 nixCraft April 11, 2007 at 2:23 pm

CptBeluga,

Yup, you need to open port 3306 for communication.

Appreciate your post!

Reply

23 Frankp July 24, 2007 at 12:19 am

I was able to access mysql after changing these tables but when I restarted the computer the files were changed back. There must be another way to do this without manually changing them.

Reply

24 amin August 17, 2007 at 3:55 am

mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

I always receiving error when performing above command. Could u advise

Reply

25 sachind August 26, 2010 at 12:39 pm

mysql> update user set Host=’202.54.10.20′ where User=’webadmin’;

Reply

26 amin August 17, 2007 at 4:01 am

I also cannot find my iptables file on redhat enterprise

Reply

27 amin August 17, 2007 at 7:35 am

you know what, now am not be able to login as root on localhost. How can I revoke those update above

Reply

28 Ryan November 6, 2010 at 6:31 pm

Yeah exact same thing happened to me. I try running the same command to give me back rights and it wont work.
***************************************************************
SyntaxError: invalid syntax
>>> update user set Host=’127.0.0.1′ where user=’root’;
File “”, line 1
update user set Host=’127.0.0.1′ where user=’root’;
^

Reply

29 George P. August 26, 2007 at 12:07 am

Bless your soul for writing this. I was endlessly modifying permissions in mysql until I read your post and realized I had to change the bind-address.

– George

Reply

30 hari vishnunu September 4, 2007 at 2:52 am

Hello,

Simply great,expect same again.

Reply

31 Everah September 7, 2007 at 4:03 pm

This is an awesome article. The only thing I wish it covered is how to name your server (so when you connect you could do it through `myserver.mydomain.com` and whether you can specify a range of allowed remote IPs. But still, this is a very good write up and one that I learned a lot from.

Reply

32 pamchi October 12, 2007 at 3:49 am

Look, what if a want that all my lan have acces to the db?

Reply

33 Seo Freelancer India January 26, 2008 at 12:48 am

Hey i am having a problem with Bad Handshake!!
Can any body help me please!!

Reply

34 SEM Expert February 17, 2008 at 5:11 am

Nice addition. Simply great,expect same again.it will help me a lot.

Reply

35 pathan March 26, 2008 at 7:36 am

How can i access mysql database running on windows pc from linux server, on both machine i am using mysql 5 and perl 5.8.8 , ip of windows machine ie. 192.168.0.50 and linux server has 192.168.0.10 on single LAN.

Reply

36 kokki April 16, 2008 at 6:32 am

heloo admin ,
i want to find the ip address of the my sqlserver in fedoro 5 how to find it can u guide me .

Reply

37 kenneth April 30, 2008 at 2:19 am

I have 2 mysql servers #1 and #2 in a LAN. I want to remotely access either 1 of the 2 servers from box #3. How do I specify that server #2 is to respond and not server #1 to my request. thanks a lot.

Reply

38 kenneth April 30, 2008 at 1:06 pm

Is there a way to make a mysql server accessible both locally AND remotely?
When I change bind-address to some ip address the ubuntu LAMP server will fail to start mysqld. When I change the bind-address to 127.0.0.1, I can’t access it remotely.

Reply

39 MyIkram May 31, 2008 at 12:00 pm

Nice tutorial up there !

Keep up the good work

Reply

40 Adrian Lozano June 5, 2008 at 6:14 pm

Hi there,thankyou for this article..

I made all steps and when I try to login in the WEB application that i’m setting up, there is an error:

MySQL error, Connection Lost during query

Does this mean that conection was done, but something kicked me out ?

I think yes, and I will be very glad to know if you have a clue of what it is causing this.

Thank you

Reply

41 Martin June 23, 2008 at 1:02 pm

The MySQL manual has some information on this which you might find useful. It goes about it a slightly different way which some people might find easier.

MySQL remote Access Control

Reply

42 khawar July 4, 2008 at 7:18 pm

Hi,

what if I could not find the file my.cnf on my server?…..I am actually using a web hosting server.

Regards,

KK

Reply

43 ali July 10, 2008 at 8:21 am

I have problem to connect to remote server thought telnet I made and configure a user in Linux and in mysql also.
I want that the user get in directly to mysql trough Linux shell giving password not to use Linux shell, just telnet the ip address and enter password to go to mysql
For database use and when the user wants to exit the session must close. Would you please help.

Reply

44 Veggie August 11, 2008 at 11:14 am

Every time I try and restart Mysql I ge this error. Everything to be working write I can get into mysql but can’t log on to it remotely. Please help.
Thanks,
-Veggie

veggie@Server:~$ sudo /etc/init.d/mysql restart
* Stopping MySQL database server mysqld [ OK ]
* Starting MySQL database server mysqld [ OK ]
* Checking for corrupt, not cleanly closed and upgrade needing tables.

Reply

45 mohammed Falah September 1, 2008 at 5:20 pm

Dear All;
to access to remote computer you need to select (Enable root access from remote machines) during the instsllation of Mysql server.
after that you must change the localhost to the IP adress for the remote computer and you will get the conection.
EX: you use the A PC and need to conect to B PC in B PC you have the database and it’s IP 1.1.1.1 so you need to change the do the following in A pc to get the conection to B PC:
“jdbc:mysql://1.1.1.1:3306/yorDBName”
good luck for all

Reply

46 n September 5, 2008 at 7:46 am

great article. I could setup the remote mysql admin by editing the my.cnf fie.
Thanks.

Reply

47 Henry September 15, 2008 at 9:22 am

Thanks to commenters’ tips to open port 3306 – fixed my problem.

Alternative to directly editing the iptables file:

system-config-securitylevel
–>advanced
–>add the port at the bottom

Thanks

Reply

48 Max September 24, 2008 at 7:01 pm

Thank you, just what I was looking for

Reply

49 aphplearner September 25, 2008 at 9:19 pm

Thanks Google to send me to this page. Thanks for the article. I have two questions. In CPanel I think there is a remote access option. Can u not use to set up remote access? Is there any way I can create desktop application to access database in host

Reply

50 Alex1980 October 20, 2008 at 8:53 pm

Just to say: Great!

Solved my problem at all!
Thanks for writing it!

Reply

51 Sivan December 18, 2008 at 3:39 pm

Yes this is help me out and thanks a lot

Reply

52 prashant January 28, 2009 at 12:51 pm

This is a very informative article. It helped me a lot.

Reply

53 cfscg February 2, 2009 at 9:39 pm

I can not find the my.cnf anywhere in the system. I have installed RHEL5.1.
I ran this command: find / -iname my.cnf, but returns nothing.
Am I missing something? Do I need to actually create a file called my.cnf under etc?

Thanks for your inputs.
cfscg.

Reply

54 nixCraft February 2, 2009 at 9:40 pm

Do you have mysql installed?

yum list installed mysql

Reply

55 cfscg February 2, 2009 at 10:03 pm

Yes. I have MySQL 5 installed. I am able to log into the test and mysql databases when I am on the machine (not remotely).
but I am trying to connected to this server remotely and obviously I need to work on the my.cnf

Below is what yum command returned. Thanks for your help.
cfscg.

[root@localhost /]# yum search mysql
Loaded plugins: rhnplugin, security
====================================================================== Matched: mysql =======================================================================
mod_auth_mysql.i386 : Basic authentication for the Apache web server using a MySQL database.
qt-MySQL.i386 : MySQL drivers for Qt's SQL classes.
MySQL-client-enterprise-gpl.i386 : MySQL - Client
MySQL-python.i386 : An interface to MySQL
MySQL-server-enterprise-gpl.i386 : @COMMENT@ for Red Hat Enterprise Linux 5
freeradius-mysql.i386 : MySQL bindings for freeradius
libdbi-dbd-mysql.i386 : MySQL plugin for libdbi
mysql.i386 : MySQL client programs and shared libraries.
mysql-bench.i386 : MySQL benchmark scripts and data.
mysql-connector-odbc.i386 : ODBC driver for MySQL
mysql-devel.i386 : Files for development of MySQL applications.
mysql-server.i386 : The MySQL server and related files.
mysql-test.i386 : The test suite distributed with MySQL.
perl-DBD-MySQL.i386 : A MySQL interface for perl
php-mysql.i386 : A module for PHP applications that use MySQL databases.
php-pdo.i386 : A database access abstraction module for PHP applications
qt4-mysql.i386 : MySQL drivers for Qt's SQL classes
rsyslog.i386 : Enhanced system logging and kernel message trapping daemons
rsyslog-mysql.i386 : MySQL support for rsyslog
unixODBC.i386 : A complete ODBC driver manager for Linux.
[root@localhost /]#

Reply

56 nixCraft February 2, 2009 at 11:19 pm

May be file is deleted or replaced. Just do forceful installation again.

Reply

57 Kenan Sevindik February 6, 2009 at 9:40 am

saved my day, thanks a lot…

Reply

58 DieZ February 7, 2009 at 2:52 am

Thanks, useful article!

And how to grant access to ANY ip address?
E.g. several users with different unpredictable IPs should access to database…

Reply

59 cfscg February 11, 2009 at 10:06 pm

Just a follow up.
Thanks for your help.
I did re install the MYsql 5 and I had to copy the My-huge.cnf to /etc/my.cnf

Reply

60 namrata March 24, 2009 at 7:52 am

i hav designed a website using JSP and mysql, there is an enquiry form in that website ,when one fills the form the details automaticaly go into databse as the logic goes..but my problem is on localhost(tomcat) when i fill the form and submit, a retrieved form is displayed which shows my entry..but when i hosted the website the data is not being retrieved …which means it is not geting connected to the server database which i created on putty.. can anyone please help me on this.i am new to jsp ..i just cannot get the logic.i mean on local host alls well but nt on the server..can anyone help step by step on this..please.
my website link is http://www.dcg.net.in
u can try and fill the form ..
it will give you a blank retrieved form..

Reply

61 namrata March 24, 2009 at 7:54 am

below is my code containg database connectivity

String connectionURL = "jdbc:mysql://mail.dcg.net.in:3306/student";
Connection connection = null;
PreparedStatement pstatement = null;
Class.forName("com.mysql.jdbc.Driver").newInstance();
int updateQuery = 0;
if(subject!=null && enquirydetails!=null && firstname!=null && lastname!=null && companyname!=null && companyaddress!=null && zipcode!=null && phoneno!=null && emailadd!=null)
{
if(subject!="" && enquirydetails!="" && firstname!="" && lastname!="" && companyname!="" && companyaddress!="" && zipcode!="" && phoneno!="" && emailadd!="")
{
try {
/* Create a connection by using getConnection()
method that takes parameters of string type
connection url, user name and password to connect
to database. */
connection = DriverManager.getConnection
(connectionURL, "root", "XXXX");
// sql query to insert values in the secified table.
String queryString = "INSERT INTO enquiry(subject,enquirydetails,firstname,lastname,companyname,companyaddress,zipcode,phoneno,emailadd) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";
/* createStatement() is used for create statement
object that is used for
sending sql statements to the specified database. */
pstatement = connection.prepareStatement(queryString);
pstatement.setString(1, subject);
pstatement.setString(2, enquirydetails);
pstatement.setString(3, firstname);
pstatement.setString(4, lastname);
pstatement.setString(5, companyname);
pstatement.setString(6, companyaddress);
pstatement.setString(7, zipcode);
pstatement.setString(8, phoneno);
pstatement.setString(9, emailadd);
updateQuery = pstatement.executeUpdate();
if (updateQuery != 0) { %>

Reply

62 Marko Matić May 19, 2009 at 11:11 pm

Hi, your article helped me a lot! Thanx! :)

Just in the section “How Do I Grant access to existing database?” you first must select MYSQL database, and then you can update or alter tables USER and DB. So:

mysql> use mysql
mysql> update db set Host=’202.54.10.20′ where Db=’webdb’;
mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

Reply

63 Anonymous June 14, 2009 at 10:16 am

Hi, this is a pretty good article even though I had to make a few adjustments to setup the MySQL server on my Mac but the instructions are nonetheless still good.

Reply

64 pankaj June 20, 2009 at 7:49 am

nice tutorial……. keep it up….. thanks for ur help….

Reply

65 Manimal August 4, 2009 at 3:17 pm

Thank you, thank you, thank you. I’m running Ubuntu 8.04 and this was perfect.

Reply

66 NioNio September 9, 2009 at 11:38 am

hello, how could i allow access only to one remote ip?
i noticed that i can login to all my mysql accounts remote..

Reply

67 PG October 20, 2009 at 8:00 pm

Thank you for your good article.

But I can�t access MySQL-Server remotely.
The bind-address is added

The user �test� has grants and can be accessed remotely.

But I can access MySQL � Server from the second host, because the access is not allowed from the host.

Can you tell me please what I�m doing wrong?

Thank you

Reply

68 PG October 20, 2009 at 8:02 pm

Thank you for your good article.

But I can’t access MySQL-Server remotely.

The bind-address is added
http://lh5.ggpht.com/_ZBIpOWf6mz4/St4Rw51LRYI/AAAAAAAAB4c/PTJZqWy8H8Y/s800/my.cnf.jpeg

The user ‘test’ has grants and can be accessed remotely.
http://lh6.ggpht.com/_ZBIpOWf6mz4/St4Rw8KUD4I/AAAAAAAAB4g/JzQwzOUVhTM/s800/admin.jpeg

But I can access MySQL-Server from the second host, because the access is not allowed from the host.
http://lh6.ggpht.com/_ZBIpOWf6mz4/St4Rw9bgW0I/AAAAAAAAB4k/uLknuLyo7zk/s800/telnet.jpeg

Can you tell me please what I’m doing wrong?

Thank you

Reply

69 P R October 21, 2009 at 6:29 pm

my error was very simple. the host name of the second host was wrong :-)

P R

Reply

70 Mohd Anas October 30, 2009 at 9:15 am

Hi all,
To get the above task done, there isn’t any need to change the configuration file . It can be done simply by typing the below command from mysql console:

GRANT ALL ON foo.* TO bar@’%’ IDENTIFIED BY ‘PASSWORD’;

By default, mysql allows only local connections, using ‘%’ sign this setting can be
changed to allow remote connections and local connection as well.

Reply

71 JORGE VALVERDE December 1, 2009 at 5:25 pm

Muchísimas gracias por tu ayuda, alfín he podido configurar mi entorno de desarrollo.

Thanks a lot for your help, finally I could configure my development environment.

=)

Reply

72 Pat January 8, 2010 at 7:06 pm

Thank you. This saved me a lot of time and aggravation.

Reply

73 Vinidog January 15, 2010 at 6:54 pm

Nice… great article

;-)

Reply

74 Nabil January 31, 2010 at 4:33 am

I suggest that you remove the –bind-address from my.cnf :

============
http://dev.mysql.com/doc/refman/5.1/en/server-options.html#option_mysqld_bind-address

–bind-address
[...]
The IP address to bind to. Only one address can be selected. If this option is specified multiple times, the last address given is used.
If no address or 0.0.0.0 is specified, the server listens on all interfaces.

Reply

75 mrudula February 26, 2010 at 7:03 am

I have made the bind-address entry in my.cnf and granted access to host and db in mysql db as per the instructions above.
Both the mysql server and remote host r in same network, still i get an error like this

ERROR 2003 (HY000): Can’t connect to MySQL server on ’172.16.56.1′ (113)

Reply

76 Peter S. March 3, 2010 at 4:16 pm

Following step 5 did not work for me because my db was created in MySQL Workbench as a blank db. Does this instance need the tables from the ‘mysql’ instance copied over before I can perform this step. There is no table named db in my newly created instance; hypothetically “foo”.

Reply

77 villalvilla March 17, 2010 at 12:31 pm

try writing “flush privileges;” before loging out mysql in step 5 ;-)

Reply

78 Alex July 14, 2010 at 2:26 pm

Ditto what villalvilla said– gotta flush privileges!

Reply

79 Conrado March 20, 2010 at 12:34 am

I have to do a program in C# that access a mysql database but i have no idea how to can you tell me a website that can help with this????

Reply

80 ravindra March 20, 2010 at 9:55 am

hi,
please can you tell me how to configure jdbc connection in linux…. oracle version is 10.0.2.0.1.0

Reply

81 diaz March 25, 2010 at 9:43 pm

geat.. sory i can’t speak english with Good
i am a hamachi user ::
so how if i want use 2 IP to remote mysql

when first i use ip 192.168.0.1 in local homework
and Ip 5.59.52.1 in hamachi group

thank’s

Reply

82 Elton March 28, 2010 at 1:00 am

Great Article.
When I add the bind-address to my.cnf
mysqld will not restart.

In the log I have the following:
100327 13:12:58 mysqld started
100327 13:12:58 InnoDB: Started; log sequence number 0 43654
100327 13:12:58 [ERROR] Can’t start server: Bind on TCP/IP port: Cannot assign requested address
100327 13:12:58 [ERROR] Do you already have another mysqld server running on port: 3306 ?
100327 13:12:58 [ERROR] Aborting

100327 13:12:58 InnoDB: Starting shutdown…
100327 13:12:59 InnoDB: Shutdown completed; log sequence number 0 43654
100327 13:12:59 [Note] /usr/libexec/mysqld: Shutdown complete

I do not have any IPtables or firewall that I can find. This is on Centos4

Reply

83 Ken F April 9, 2010 at 1:38 am

Thanks a ton. Just in case anyone needs help, granting my permissions worked fine on my existing database. (the instruction for making a new database) I skipped the next two instructions. Also, service iptables didn’t work for me, but my distro had some instructions for saving the new iptables rule to a new file in the /etc directory and putting a line in the /etc networking configuration to load that file at every boot; so search your distro for saving iptables if service iptables doesn’t work for you either.

Reply

84 Michael June 7, 2010 at 3:45 pm

hello i am new to using mysql can you tell me the command to allow remote access to a server on the mysql command line.

Reply

85 brahimhackman April 14, 2010 at 12:21 pm

im agree with you thanks for u gays ,but the big problem is not the binding-ip ,the problem is how to access to this file if you are a client .
the hosting company only can access to this file.

Reply

86 beau July 7, 2010 at 6:14 pm

Typically hosting companies will use some type of web client that will allow you to make these changes to a mysql database located on their system. I am not familiar with all of the systems out there, but in cpanel there should be a section of icons listed under the heading databases. Select “Remote MySQL” and enter the ip address or host name of the system you are allowing access. You will also need to do this if you are designing a website that will be database driven so that you can make connections to the database through a web page.

Reply

87 Artem April 17, 2010 at 10:45 pm

Great manual, thanks a lot!

Reply

88 Frank April 18, 2010 at 10:25 am

Thanks for the article – sorted my problem easily!

Reply

89 swapan paul June 1, 2010 at 7:15 am

what is the Grant command to give access to a ‘user’ on ‘db1′ and ‘db2′ ,all tables?

Reply

90 Mrudula June 2, 2010 at 4:01 am

Paul,

Create user n then grant priviledges.

create user ‘user’@’localhost’ identified by ‘password’;

grant SELECTon db1.* to ‘user’@’10.1.1.13′ identified by ‘password’;

Here user is the username
password is the password for user to connect to mysql
db1.* refers to all tables of db1
10.1.1.13 refers to ip address from where the user connects

You can also give ALL priviledges or SELECT,INSERT,UPDATE,DELETE,CREATE,DROP priviledges

Reply

91 swapan paul June 2, 2010 at 6:12 am

Thankx for ur reply.
I wanted ‘user’ to have access only on db1 and db2 databases only (all tables) out of several other databases, not to a particular db1 ..as in ur example.
Kindly help.

Reply

92 Anonymous June 2, 2010 at 12:48 pm

yes. This query will provide access to db1. Write a similar query for db2 as well. It will help.

Reply

93 mrudula June 2, 2010 at 12:50 pm

U can write similar query for db2 also. It will provide user to access only db1 and db2 databases.

Is that ur query?

Reply

94 swapan paul June 3, 2010 at 5:23 am

yes ,thnkx a lot .It worked for me . One thing i would like to share is that seperate create statement for user creation is not required in case of grant statement.grant command create user as well.

Anyways thnkx ..thnkx a lot..

Reply

95 mona July 21, 2010 at 5:13 am

It is a very helpful document, it did help me from the start and I’m facing the next step now; collaboration and backup from a remote machine&domain. They want to do a login from another domain and with port forwarding to copy a few DBs. Something like: $ ssh -L freeport:mysql-server-ip:3306 user@host.domain.com and on the remotehost.domain in a new terminal window $ mysql -h localhost –port=freeport -u mysqluser -p
comes back with : ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2)
The user@host.domain.com can login successfully with: $mysql -h mysql-server-ip -u mysqluser -p only the client port forwarding need something.

Can anyone help with this ? Thanks in advance.

Reply

96 sandip July 27, 2010 at 10:26 am

hi i m confused with your query for the solution you have provided for the existing database grant to the existing user that he can logged with his original password or should we have to update the password.
mysql> update db set Host=’202.54.10.20′ where Db=’webdb’;
mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

Reply

97 mona August 2, 2010 at 8:28 am

Thanks, by doing an update solved my problem Much appreciated.

Reply

98 harlan July 29, 2010 at 4:44 am

Thanks, useful.

Reply

99 hari August 3, 2010 at 8:01 am

Fantastic writeup. I had multiple issues and this one solved everything…

Reply

100 Vamsi September 12, 2010 at 4:50 am

Hi Sir, I have this in my .conf ( OS is debian and was installed from apt-get )
# Instead of skip-networking the default is now to listen only on

Reply

101 Bassem October 9, 2010 at 11:47 am

How can I grant access to my local database to a remote connection via Workbench 5.2?

Thanks a lot

Reply

102 neill October 20, 2010 at 7:45 am

For ubuntu 9.10 and later
Don’t

/etc/init.d/mysql restart

Use

sudo service mysql restart

Reply

103 Satan Enterprises October 31, 2010 at 6:20 pm

Anyone else getting this error:
ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’

When you run step 5 on Ubuntu 10.04?

Reply

104 hari November 15, 2010 at 9:28 am

Neat. Easy to follow. Got my job done. Thanks

Reply

105 techno mixx December 14, 2010 at 7:29 am

I was looking for any method to access remotely a db and update local database with every change occur. is it possible? thanks in advance

Reply

106 Live December 20, 2010 at 7:07 am

I wonder what’s the difference of just connecting via SSH, use a command line and access the mysql prompt from there.

Any benefits of this tutorial’s approach than what I do with mine?

Reply

107 webb January 3, 2011 at 9:17 am

Thanks, this has helped me figure out how to deal with remote connections.

Reply

108 jessica January 7, 2011 at 11:41 pm

Hi,
I am trying to allow external connections to an existing database. When I issue the command:

update db set Host=’202.54.10.20′ where Db=’webdb’;
(I changed the IP to my host and webdb to my database name), I always get:
“ERROR 1046 (3D000): No database selected”.

If I select my database first (by doing “use mydb”;), and issue the above command again, then I get:
“ERROR 1146 (42S02): Table ‘mydb.db’ doesn’t exist”

What am I missing?

Reply

109 Satya January 19, 2011 at 6:37 am

Yes ! without configuring /etc/my.cnf aslo it can work . It’ll help to update remote host mysql db .

Best Regards,
Satya.M

Reply

110 Shaul Amran March 6, 2011 at 10:09 am

Thank you for this tutorial!
I followed every single step and it worked!

Reply

111 gumuruh March 11, 2011 at 10:21 am

and…. how could I grant all ip address range 192.168.1.20 – 192.168.1.30
to connect into that mysql server?
Don’t say to me repeat that command over 10 times. That’s not the answer, tough.

Reply

112 koniak March 22, 2011 at 4:43 pm

Hello admin… just U save my life I was found how to access to my mysql BD for the enterily day and finally I found this page… It’s so clear and really helpful so thanks

Reply

113 Chris April 7, 2011 at 12:14 pm

Hi there, I have a query that needs your support.

This is the ERROR I get while creating a NEW SERVER INSTANCE: in Windows.

1.………… error ………………………………………………………………………
Connecting to MySQL server localhost…
Cannot start SSH tunnel manager
Connecting to MySQL server localhost…
Cannot start SSH tunnel manager
Connecting to MySQL server localhost…
Cannot start SSH tunnel manager

……………………………………………………………………………………………

And also

2. ……………………………………………………………………………………………

In order to manage a MYSQL server it must be installed as a service.

The wizard could not find MYSQL service on the target machine, hence
the server instance cannot be created.

……………………………………………………………………………………………

Question

How do I make sure that MYSQL 5.1 is running before I use the MYSQL
Administrator to configure new Server Instance.

I will be grateful to be answered the above question in reference to
the errors the program is giving me in the Windows environment.

Reply

114 stephen white April 21, 2011 at 12:35 am

I know this article is not about SSH but I just wanted to mention that those that are confused with these condifuration changes or skittish about doing them can just use an SSH client (I use Putty) and use tunneling to then access MySQL data as ‘localhost’. Keeps everything locked down and I use the MySQL administrator and Query Browser without any issues on a windows 7 machine. I do have a local dev MySQL server running on my machine so I do have to stop that service when I tunnel in to the remote MySQL debian linux machines. If I forget the user/pass’s will trip me up so not a serious mistake waiting to happen :-)

Reply

115 Bruce May 11, 2011 at 1:23 am

everything seem to work fine but Step # 6: Open port 3306

/sbin/iptables -A INPUT -i eth0 -p tcp –destination-port 3306 -j ACCEPT ??

Reply

116 Caleb May 15, 2011 at 11:48 pm

The variable skip-name-resolve will also keep remote access from working. Was pulling my hair out trying to get this to work, comment out that variable and viola.

Reply

117 albin July 1, 2011 at 9:58 am

i have configured multiple instance of mysql having new instance port 3307. But am not able to connect to this port from a mysql client. Where should i change the configuration?

Reply

118 Cecil August 26, 2011 at 4:24 am

Thanks for this excellently written article. I was going to write my own, but I think I’ll just link to yours.

Reply

119 Vijay Kumar August 28, 2011 at 1:56 pm

Hello To all,
mysql is work proparly,but for remotly access i make file as you write but after this changes mysql is not start,i am using centos 5
/etc/ini.d/mysqld restart
so please help me.As Soon as possible.

Reply

120 Kevinal September 13, 2011 at 8:56 am

How to allow multiple users in local network to share a single MySQL database

Reply

121 Asif October 18, 2011 at 9:54 am

Hi, I have edited my.cnf according to your Step-3. But while restarting it says “MySQL Daemon failed to start.”. Just for the note, my server is running on amazon ec2. Any idea what went wrong?

Reply

122 risdiyanto January 12, 2012 at 8:11 am

you can comment bind-address:
#bind-address

to skip networking

Reply

123 premiso January 19, 2012 at 11:24 pm

Why do all this…if you have SSH Access, just setup a tunnel, unless you need people without SSH Access to access the database. But an SSH tunnel will be way more secure than opening it up to the world, and you don’t have to do any of this simply:

ssh -L 3307:localhost:3306 you@yourhost.com

Using 3307, incase you have a local MySQL server installed.

Reply

124 Aly October 17, 2012 at 9:28 am

Thanks a lot. It is really a good idea to use a tunnel in this case.

Reply

125 Remote database mad January 29, 2012 at 1:44 am

Very nice article, the series of comments which has went over here, made many things clears. Thanks for sharing

Reply

126 subhash February 7, 2012 at 7:50 am

How to connect mysql database in php with use the ip address

Thnx in advance

Reply

127 swapan paul February 7, 2012 at 8:32 am

Try this:
mysql_connect(, ‘admin’, ‘admin’) or die (“Could not connect: “.mysql_error());

Reply

128 swapan paul February 7, 2012 at 11:03 am

Here it is:
mysql_connect(‘ip address’, ‘admin’, ‘admin’) or die (“Could not connect: “.mysql_error());

Reply

129 subramanian March 1, 2012 at 5:28 am

This is for ubuntu 11.10
create a user in mysql as root@staticip
root@franchexpress-2010:# sudo ufw allow 22
root@franchexpress-2010:# sudo ufw allow 3306
root@franchexpress-2010:# mysql -u root -p
mysql>GRANT ALL PRIVILEGES ON *.* to ‘root’@’%’ IDENTIFIED BY ‘mysql password’;
mysql>update user set Host=’180.151.52.42′ where user=’root’;
mysql>update db set Host=’180.151.52.42′ where Db=’franch_co’;

Reply

130 Michael March 27, 2012 at 8:25 am

You need to issue a FLUSH PRIVILEGES command on SQL server after you grant access to whatever. otherwise the new permissions are not yet valid.

Reply

131 Nicolas May 19, 2012 at 6:04 pm

If you are using FreeBSD you need to create a file /var/db/mysql/my.cnf

How?

Reply

132 nixCraft May 19, 2012 at 8:33 pm

@Nicolas,

Use a text editor such as vi. The default files are located in /usr/local/share/mysql/ directory. In this example copy /usr/local/share/mysql/mysql-large.cnf to /usr/local/etc/my.cnf and edit using vi:

## copy it ##
cp /usr/local/share/mysql/mysql-large.cnf /usr/local/etc/my.cnf
## edit it ##
vi /usr/local/etc/my.cnf
## restart the server ##
/usr/local/etc/rc.d/mysql-server restart

Hope this helps!

Reply

133 Nicolas May 22, 2012 at 8:40 am

@Vivek

I actually do not have any mysql directory under /usr/local/share..do you know where else it could be? :/

Reply

134 Nicolas May 22, 2012 at 6:32 pm

Ok, I think i found mysql-large.cnf (though mine is called my-large.cnf). But i don’t have a etc folder at /usr/local/etc. Even tough I have one at /usr/etc, it haven’t got rc.d in it.. Help please!

Reply

135 Eric Nguyen May 29, 2012 at 6:38 pm

bind-adress should be set to the IP address from which the database is going be access, not IP address of the server itself.

Setting bind-address to IP address of the server will cause mysql deamon fail to start and setting bind-address=0.0.0.0 (accepting all IP addresses) should solve the problem. Based on your example, bind-address could be set to 202.54.10.20 too.
This is at least true to MySQL servers on Amazon EC2 (Centos) instances.

Please update your tutorial if you agree with my comment.

Thanks a lot for your detailed and useful tutorial anyway :)

Reply

136 Eric June 10, 2012 at 3:53 am

How about if my client IP dinamic? How to set to mysql allow all IP?

Reply

137 Arun June 18, 2012 at 6:24 am

Thanks you solve my problem. Your blog is very nice. Thanks once again.

Reply

138 Ayasoft September 24, 2012 at 4:11 pm

One comment on #4

For me worked this one:
/etc/init.d/mysql restart

I am not sure it’s a system depended, or just a small bug.
Overall this guide is brilliant. Thanks for writing.

Reply

139 Liam Alford October 22, 2012 at 9:38 am

Having some issues on an Ubuntu 12.04 EC2 server. When i get to the stage to edit remote access to the DB.

mysql> update db set Host=’202.54.10.20′ where Db=’webdb’;
mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

There doesn’t seem to be any entries into the db table (i am assuming we are looking at the root mysql database). Though my websites database is set up and working as its now a live system works with MySQL connections locally. I am trying to set up remote access to my development (home) network so i can run updated versions of the website locally without effecting the live version, but still use the live database.

Any idea where i am going wrong?

Reply

140 viki October 25, 2012 at 6:02 am

THANKS FOR NIX CRAFT.SO FAR TIME I DIDN’T ANYTHING ABOUT MYSQL DATABASE SERVER FROM YOUR WEBSITE WAYS I GOT SOMETHING……
THANK YOU…..

Reply

141 Gilank December 14, 2012 at 9:57 am

All useful post at nix craft is inspiring me! thanks alot, i’ve figured it out from my stuck connection where mysql db in different machine

Reply

142 Jeff January 4, 2013 at 10:18 pm

Thanks, this is exactly what I needed.

Wanted to point out a little syntax error in step 5, which slowed me down since I am a command line mysql newbie. There should not be a space between the command option ‘-p’ and the password. Therefore the line should look like:

$ mysql -u root -pmysql

Reply

143 anabela March 29, 2013 at 2:43 pm

great tut, keep going.

Reply

144 Maciek April 10, 2013 at 6:52 pm

It took me half a day to find this hint. Google should do a much better job here – cause anything else was crap!

THANX A LOT!

Reply

145 Dan June 17, 2013 at 4:08 pm

You are awesome, thanks for sharing this. Always nice to see fixes for little things like this from other people in the trenches.

Reply

146 Tom June 23, 2013 at 10:26 am

Need Help:

update db set Host=’xx’ where Db=’xx’;
update user set Host=’xx’ where user=’root’;

After this commands my websites are down and cannot access localhost.
How to undo?? Pls help :)

Reply

147 Yeaoh August 12, 2013 at 7:51 am

On Debian 7, The my.cnf is in /etc/mysql/my.cf

Reply

148 Nirupma September 4, 2013 at 9:37 am

When I modify my my.cnf bind-address with my IP address after restarting mysql service getting error message
Shutting down MySQL
.. *
Starting MySQL
….. * The server quit without updating PID file (/var/lib/mysql/v-testmate4.pid).

And on accessing mysql -u root -p ‘password’
It gives error : ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2)

Reply

149 blanc September 12, 2013 at 7:57 am

bind-address can be commented.
just remember to make a static IP for your machine :)

Reply

150 Pawan September 26, 2013 at 3:51 am

Suppose I have some couple of my sql users..??and many machines run mysql so i want..
tom user and all other mysql user on this Machine 192.168.1.3 to be accessible only from jack@192.168.1.5 not anywhere else.
and plz how can this be done?

Reply

151 Dan September 26, 2013 at 4:39 pm

You add usernames and passwords to the Database and provide them access privs.
Of course that’s completely outside of the scope of what this article is about.

Reply

152 Pawan September 27, 2013 at 7:55 am

So, Dan How..this is no more hope full..

Reply

153 Dan November 21, 2013 at 7:07 am
154 Lappro February 15, 2014 at 9:49 pm

I had some trouble with this and after some googling and experimentation I think I have found the solution.
The problem was mysql didn’t want to start anymore after changing the bind-ip address. Turns out I didn’t need to fill in my external IP, but my internal IP (so not localhost but the ip it has in the network). After that mysql did start again and by opening the correct port it is accessible from the internet.

Reply

155 Lappro February 15, 2014 at 9:55 pm

Never mind, looks like it still refuses connections.

Reply

156 Lappro February 15, 2014 at 10:10 pm

Alright, figured it out for reals this time. Made the stupid error of making a user for the same database with username@%, but then I didn’t add any privileges to the user so it wasn’t allowed to do anything.
However I now have this address for the bind ip: 0.0.0.0 (found it somewhere online and is used as the address for all addresses (ipv4)), which is nice since * didn’t work.
Haven’t tested again for the internal ip address if that works too, since it works now and I’m fine with that.

Reply

157 Dave April 21, 2014 at 2:45 am

After your step #3, mysqld will no longer start for me.

Reply

158 arjun June 27, 2014 at 11:20 am

my mysql connection doesnot have a password so how will i connect?

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , , , , ,

Previous post:

Next post: