How Do I Enable Remote Access To MySQL Database Server?

Posted on in Categories Linux, MySQL, UNIX last updated June 26, 2017

By default, remote access to the MySQL database server is disabled for security reasons. However, sometimes you need to provide remote access to database server from home or a web server. This post will explain how to setup a user account and access a MySQL server remotely on a Linux or Unix-like systems.

Task: MySQL Server Remote Access

You need type the following commands which will allow remote connections to a mysql server.

Step # 1: Login Using SSH (if server is outside your data center)

First, login over ssh to remote MySQL database server. You may need to login to your MySQL server as the root user:

ssh user@server1.cyberciti.biz
### login as the root using su or sudo ##
su
# or use sudo  ##
sudo -i

OR directly login as root user if allowed:

ssh root@server1.cyberciti.biz

Step # 2: Edit the my.cnf file

Once connected you need to edit the MySQL server configuration file my.cnf using a text editor such as vi:

  • If you are using Debian/Ubuntu Linux file is located at /etc/mysql/my.cnf location.
  • If you are using Red Hat Linux/Fedora/Centos Linux file is located at /etc/my.cnf location.
  • If you are using FreeBSD you need to create a file /var/db/mysql/my.cnf location.

Edit the /etc/my.cnf, run:
# vi /etc/my.cnf

Step # 3: Once file opened, locate line that read as follows

[mysqld] 

Make sure line skip-networking is commented (or remove line) and add following line

bind-address=YOUR-SERVER-IP

For example, if your MySQL server IP is 65.55.55.2 then entire block should be look like as follows:

[mysqld]
user            = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
basedir         = /usr
datadir         = /var/lib/mysql
tmpdir          = /tmp
language        = /usr/share/mysql/English
bind-address    = 65.55.55.2
# skip-networking
....
..
....

Where,

  • bind-address: IP address to bind to.
  • skip-networking : Do not listen for TCP/IP connections at all. All interaction with mysqld must be made via Unix sockets. This option is highly recommended for systems where only local requests are allowed. Since you need to allow remote connection this line should be removed from my.cnf or put it in comment state.

Step# 4 Save and Close the file

If you are using Debian / Ubuntu Linux, type the following command to restart the mysql server:
# /etc/init.d/mysql restart
OR
# systemctl restart mysql
If you are using RHEL / CentOS / Fedora / Scientific Linux, type the following command to restart the mysql server:
# /etc/init.d/mysqld restart
OR
# systemctl restart mysqld
If you are using FreeBSD, type the following command to restart the mysql server:
# /usr/local/etc/rc.d/mysql-server restart
OR
# service mysql-server restart

Step # 5 Grant access to remote IP address

Connect to mysql server:
$ mysql -u root -p mysql

Grant access to a new database

If you want to add a new database called foo for user bar and remote IP 202.54.10.20 then you need to type the following commands at mysql> prompt:mysql> CREATE DATABASE foo;
mysql> GRANT ALL ON foo.* TO [email protected]'202.54.10.20' IDENTIFIED BY 'PASSWORD';

How Do I Grant Access To An Existing Database?

Let us assume that you are always making connection from remote IP called 202.54.10.20 for database called webdb for user webadmin, To grant access to this IP address type the following command At mysql> prompt for existing database, enter:
mysql> update db set Host='202.54.10.20' where Db='webdb';
mysql> update user set Host='202.54.10.20' where user='webadmin';

Step # 6: Logout of MySQL

Type exit command to logout mysql:mysql> exit

Step # 7: Open port 3306

You need to open TCP port 3306 using iptables or BSD pf firewall.

A sample iptables rule to open Linux iptables firewall

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT

OR only allow remote connection from your web server located at 10.5.1.3:

/sbin/iptables -A INPUT -i eth0 -s 10.5.1.3 -p tcp --destination-port 3306 -j ACCEPT

OR only allow remote connection from your lan subnet 192.168.1.0/24:

/sbin/iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp --destination-port 3306 -j ACCEPT

Finally save all rules (RHEL / CentOS specific command):
# service iptables save

A sample FreeBSD / OpenBSD / NetBSD pf firewall rule ( /etc/pf.conf)

Use the following to open port # 3306 on a BSD based systems:

pass in on $ext_if proto tcp from any to any port 3306

OR allow only access from your web server located at 10.5.1.3:

pass in on $ext_if proto tcp from 10.5.1.3 to any port 3306  flags S/SA synproxy state

Step # 8: Test it

From your remote system or your desktop type the following command:
$ mysql -u webadmin -h 65.55.55.2 -p
Where,

  • -u webadmin: webadmin is MySQL username
  • -h IP or hostname: 65.55.55.2 is MySQL server IP address or hostname (FQDN)
  • -p : Prompt for password

You can also use the telnet or nc command to connect to port 3306 for testing purpose:
$ echo X | telnet -e X 65.55.55.2 3306
OR
$ nc -z -w1 65.55.55.2 3306
Sample outputs:

Connection to 65.55.55.2 3306 port [tcp/mysql] succeeded!

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

172 comment

  1. Could you tell us how to setup proper MySQL client program on remote machine first?
    As far as I now, even if we ONLY install MySQL client program on remote machine, it will generate a my.cnf file. Whenever you issue mysql command on remote machine, this file will be consulted and thus, the client will attempt to connect to a non-exist local MySQL sever rather than your remote server.

  2. To be frank you don’t need to setup my.cnf for client configuration. All you need to do is specify remote mysql host with –h option. For example to connect remote mysql server called dbserver.nixcraft.in you need to type command as follows:
    $ mysql –u vivek –h dbserver.nixcraft.in -p

    OR if you with to use MySQL server ip address (192.168.1.101):

    $ mysql –u vivek –h 192.168.1.101 -p

  3. nixcraft said…
    To be frank you don’t need to setup my.cnf for client configuration. All you need to do is specify remote mysql host with –h option. For example to connect remote mysql server called dbserver.nixcraft.in you need to type command as follows:
    $ mysql –u vivek –h dbserver.nixcraft.in -p
    OR if you with to use MySQL server ip address (192.168.1.101):
    $ mysql –u vivek –h 192.168.1.101 -p
    5/04/2006 11:29 AM

    +—————————————————-+
    This didn’t work at all. BTW, who is “vivek”? Is that your client machine?
    Anyhow, the host server keeps telling me that my client computer is not allowed to connect. There must be more to it that I am missing.
    +—————————————————–+

  4. Before I have this response from
    > mysql -h hostname -u username -p
    ERROR 2003 (HY000): Can’t connect to MySQL server on (113)

    After following your solution. I got this response

    mysql Ver 14.12 Distrib 5.0.22, for redhat-linux-gnu (i686) using readline 5.0
    Copyright (C) 2002 MySQL AB
    This software comes with ABSOLUTELY NO WARRANTY. This is free software,
    and you are welcome to modify and redistribute it under the GPL license
    Usage: mysql [OPTIONS] [database]
    -?, –help Display this help and exit.
    -I, –help Synonym for -?
    –auto-rehash Enable automatic rehashing. One doesn’t need to use

    I check connectivity using ping host
    and got response
    icmp_seq=0 ttl=64 time=0.542 ms
    meaning i have connectivity

    Is there something i missed?

  5. I tried telnet for connectivity

    $telnet ipaddr
    Trying ipaddr…
    telnet: connect to address ipaddr: No route to host
    telnet: Unable to connect to remote host: No route to host

    do i have a problem with my ipaddr?

    1. You will need to provide the port number to telnet to, as well. Telnet defaults to port 21, and that’s not the port MySQL uses. Also, ipaddr will need to be the IP address of the MySQL machine.

  6. Do not forget to adjust your iptables file (/etc/sysconfig/iptables usually) to allow connections on that port. Typically you will find that TCP connections are enabled on port 22 (ssh) and port 80 (http). Add an entry for port 3306

  7. Using Fedora 6 as host and added port 3306 to
    /etc/sysconfig/ip6tables and /etc/sysconfig/iptables

    For the ip6table file the formatted line is;
    -A RH-Firewall-1-INPUT -m tcp -p tcp –dport 3306 -j ACCEPT
    -A RH-Firewall-1-INPUT -m tcp -p tcp –sport 3306 -j ACCEPT

  8. I was able to access mysql after changing these tables but when I restarted the computer the files were changed back. There must be another way to do this without manually changing them.

    1. Yeah exact same thing happened to me. I try running the same command to give me back rights and it wont work.
      ***************************************************************
      SyntaxError: invalid syntax
      >>> update user set Host=’127.0.0.1′ where user=’root’;
      File “”, line 1
      update user set Host=’127.0.0.1′ where user=’root’;
      ^

  9. This is an awesome article. The only thing I wish it covered is how to name your server (so when you connect you could do it through `myserver.mydomain.com` and whether you can specify a range of allowed remote IPs. But still, this is a very good write up and one that I learned a lot from.

    1. Quote from https://dev.mysql.com/doc/refman/5.1/en/grant.html:
      “ You can specify wildcards in the host name. For example, [email protected]’%.example.com’ applies to user_name for any host in the example.com domain, and [email protected]’192.168.1.%’ applies to user_name for any host in the 192.168.1 class C subnet.

      The simple form user_name is a synonym for [email protected]’%’.

      MySQL does not support wildcards in user names. To refer to an anonymous user, specify an account with an empty user name with the GRANT statement:

      GRANT ALL ON test.* TO ”@’localhost’ …;

      In this case, any user who connects from the local host with the correct password for the anonymous user will be permitted access, with the privileges associated with the anonymous-user account.

      For additional information about user name and host name values in account names, see Section 6.2.3, “Specifying Account Names”.”

  10. How can i access mysql database running on windows pc from linux server, on both machine i am using mysql 5 and perl 5.8.8 , ip of windows machine ie. 192.168.0.50 and linux server has 192.168.0.10 on single LAN.

  11. I have 2 mysql servers #1 and #2 in a LAN. I want to remotely access either 1 of the 2 servers from box #3. How do I specify that server #2 is to respond and not server #1 to my request. thanks a lot.

  12. Is there a way to make a mysql server accessible both locally AND remotely?
    When I change bind-address to some ip address the ubuntu LAMP server will fail to start mysqld. When I change the bind-address to 127.0.0.1, I can’t access it remotely.

  13. Hi there,thankyou for this article..

    I made all steps and when I try to login in the WEB application that i’m setting up, there is an error:

    MySQL error, Connection Lost during query

    Does this mean that conection was done, but something kicked me out ?

    I think yes, and I will be very glad to know if you have a clue of what it is causing this.

    Thank you

  14. I have problem to connect to remote server thought telnet I made and configure a user in Linux and in mysql also.
    I want that the user get in directly to mysql trough Linux shell giving password not to use Linux shell, just telnet the ip address and enter password to go to mysql
    For database use and when the user wants to exit the session must close. Would you please help.

  15. Every time I try and restart Mysql I ge this error. Everything to be working write I can get into mysql but can’t log on to it remotely. Please help.
    Thanks,
    -Veggie

    [email protected]:~$ sudo /etc/init.d/mysql restart
    * Stopping MySQL database server mysqld [ OK ]
    * Starting MySQL database server mysqld [ OK ]
    * Checking for corrupt, not cleanly closed and upgrade needing tables.

  16. Dear All;
    to access to remote computer you need to select (Enable root access from remote machines) during the instsllation of Mysql server.
    after that you must change the localhost to the IP adress for the remote computer and you will get the conection.
    EX: you use the A PC and need to conect to B PC in B PC you have the database and it’s IP 1.1.1.1 so you need to change the do the following in A pc to get the conection to B PC:
    “jdbc:mysql://1.1.1.1:3306/yorDBName”
    good luck for all

  17. Thanks to commenters’ tips to open port 3306 – fixed my problem.

    Alternative to directly editing the iptables file:

    system-config-securitylevel
    –>advanced
    –>add the port at the bottom

    Thanks

  18. Thanks Google to send me to this page. Thanks for the article. I have two questions. In CPanel I think there is a remote access option. Can u not use to set up remote access? Is there any way I can create desktop application to access database in host

  19. I can not find the my.cnf anywhere in the system. I have installed RHEL5.1.
    I ran this command: find / -iname my.cnf, but returns nothing.
    Am I missing something? Do I need to actually create a file called my.cnf under etc?

    Thanks for your inputs.
    cfscg.

  20. Yes. I have MySQL 5 installed. I am able to log into the test and mysql databases when I am on the machine (not remotely).
    but I am trying to connected to this server remotely and obviously I need to work on the my.cnf

    Below is what yum command returned. Thanks for your help.
    cfscg.

    [[email protected] /]# yum search mysql
    Loaded plugins: rhnplugin, security
    ====================================================================== Matched: mysql =======================================================================
    mod_auth_mysql.i386 : Basic authentication for the Apache web server using a MySQL database.
    qt-MySQL.i386 : MySQL drivers for Qt's SQL classes.
    MySQL-client-enterprise-gpl.i386 : MySQL - Client
    MySQL-python.i386 : An interface to MySQL
    MySQL-server-enterprise-gpl.i386 : @[email protected] for Red Hat Enterprise Linux 5
    freeradius-mysql.i386 : MySQL bindings for freeradius
    libdbi-dbd-mysql.i386 : MySQL plugin for libdbi
    mysql.i386 : MySQL client programs and shared libraries.
    mysql-bench.i386 : MySQL benchmark scripts and data.
    mysql-connector-odbc.i386 : ODBC driver for MySQL
    mysql-devel.i386 : Files for development of MySQL applications.
    mysql-server.i386 : The MySQL server and related files.
    mysql-test.i386 : The test suite distributed with MySQL.
    perl-DBD-MySQL.i386 : A MySQL interface for perl
    php-mysql.i386 : A module for PHP applications that use MySQL databases.
    php-pdo.i386 : A database access abstraction module for PHP applications
    qt4-mysql.i386 : MySQL drivers for Qt's SQL classes
    rsyslog.i386 : Enhanced system logging and kernel message trapping daemons
    rsyslog-mysql.i386 : MySQL support for rsyslog
    unixODBC.i386 : A complete ODBC driver manager for Linux.
    [[email protected] /]#
  21. i hav designed a website using JSP and mysql, there is an enquiry form in that website ,when one fills the form the details automaticaly go into databse as the logic goes..but my problem is on localhost(tomcat) when i fill the form and submit, a retrieved form is displayed which shows my entry..but when i hosted the website the data is not being retrieved …which means it is not geting connected to the server database which i created on putty.. can anyone please help me on this.i am new to jsp ..i just cannot get the logic.i mean on local host alls well but nt on the server..can anyone help step by step on this..please.
    my website link is http://www.dcg.net.in
    u can try and fill the form ..
    it will give you a blank retrieved form..

  22. below is my code containg database connectivity

    String connectionURL = "jdbc:mysql://mail.dcg.net.in:3306/student";
    Connection connection = null;
    PreparedStatement pstatement = null;
    Class.forName("com.mysql.jdbc.Driver").newInstance();
    int updateQuery = 0;
    if(subject!=null && enquirydetails!=null && firstname!=null && lastname!=null && companyname!=null && companyaddress!=null && zipcode!=null && phoneno!=null && emailadd!=null)
    {
    if(subject!="" && enquirydetails!="" && firstname!="" && lastname!="" && companyname!="" && companyaddress!="" && zipcode!="" && phoneno!="" && emailadd!="")
    {
    try {
    /* Create a connection by using getConnection()
    method that takes parameters of string type
    connection url, user name and password to connect
    to database. */
    connection = DriverManager.getConnection
    (connectionURL, "root", "XXXX");
    // sql query to insert values in the secified table.
    String queryString = "INSERT INTO enquiry(subject,enquirydetails,firstname,lastname,companyname,companyaddress,zipcode,phoneno,emailadd) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)";
    /* createStatement() is used for create statement
    object that is used for
    sending sql statements to the specified database. */
    pstatement = connection.prepareStatement(queryString);
    pstatement.setString(1, subject);
    pstatement.setString(2, enquirydetails);
    pstatement.setString(3, firstname);
    pstatement.setString(4, lastname);
    pstatement.setString(5, companyname);
    pstatement.setString(6, companyaddress);
    pstatement.setString(7, zipcode);
    pstatement.setString(8, phoneno);
    pstatement.setString(9, emailadd);
    updateQuery = pstatement.executeUpdate();
    if (updateQuery != 0) { %>
    
    
  23. Hi, your article helped me a lot! Thanx! 🙂

    Just in the section “How Do I Grant access to existing database?” you first must select MYSQL database, and then you can update or alter tables USER and DB. So:

    mysql> use mysql
    mysql> update db set Host=’202.54.10.20′ where Db=’webdb’;
    mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

  24. Thank you for your good article.

    But I can�t access MySQL-Server remotely.
    The bind-address is added

    The user �test� has grants and can be accessed remotely.

    But I can access MySQL � Server from the second host, because the access is not allowed from the host.

    Can you tell me please what I�m doing wrong?

    Thank you

  25. Thank you for your good article.

    But I can’t access MySQL-Server remotely.

    The bind-address is added
    http://lh5.ggpht.com/_ZBIpOWf6mz4/St4Rw51LRYI/AAAAAAAAB4c/PTJZqWy8H8Y/s800/my.cnf.jpeg

    The user ‘test’ has grants and can be accessed remotely.
    http://lh6.ggpht.com/_ZBIpOWf6mz4/St4Rw8KUD4I/AAAAAAAAB4g/JzQwzOUVhTM/s800/admin.jpeg

    But I can access MySQL-Server from the second host, because the access is not allowed from the host.
    http://lh6.ggpht.com/_ZBIpOWf6mz4/St4Rw9bgW0I/AAAAAAAAB4k/uLknuLyo7zk/s800/telnet.jpeg

    Can you tell me please what I’m doing wrong?

    Thank you

  26. Hi all,
    To get the above task done, there isn’t any need to change the configuration file . It can be done simply by typing the below command from mysql console:

    GRANT ALL ON foo.* TO [email protected]’%’ IDENTIFIED BY ‘PASSWORD’;

    By default, mysql allows only local connections, using ‘%’ sign this setting can be
    changed to allow remote connections and local connection as well.

  27. Muchísimas gracias por tu ayuda, alfín he podido configurar mi entorno de desarrollo.

    Thanks a lot for your help, finally I could configure my development environment.

    =)

  28. I have made the bind-address entry in my.cnf and granted access to host and db in mysql db as per the instructions above.
    Both the mysql server and remote host r in same network, still i get an error like this

    ERROR 2003 (HY000): Can’t connect to MySQL server on ‘172.16.56.1’ (113)

  29. Following step 5 did not work for me because my db was created in MySQL Workbench as a blank db. Does this instance need the tables from the ‘mysql’ instance copied over before I can perform this step. There is no table named db in my newly created instance; hypothetically “foo”.

  30. geat.. sory i can’t speak english with Good
    i am a hamachi user ::
    so how if i want use 2 IP to remote mysql

    when first i use ip 192.168.0.1 in local homework
    and Ip 5.59.52.1 in hamachi group

    thank’s

  31. Great Article.
    When I add the bind-address to my.cnf
    mysqld will not restart.

    In the log I have the following:
    100327 13:12:58 mysqld started
    100327 13:12:58 InnoDB: Started; log sequence number 0 43654
    100327 13:12:58 [ERROR] Can’t start server: Bind on TCP/IP port: Cannot assign requested address
    100327 13:12:58 [ERROR] Do you already have another mysqld server running on port: 3306 ?
    100327 13:12:58 [ERROR] Aborting

    100327 13:12:58 InnoDB: Starting shutdown…
    100327 13:12:59 InnoDB: Shutdown completed; log sequence number 0 43654
    100327 13:12:59 [Note] /usr/libexec/mysqld: Shutdown complete

    I do not have any IPtables or firewall that I can find. This is on Centos4

  32. Thanks a ton. Just in case anyone needs help, granting my permissions worked fine on my existing database. (the instruction for making a new database) I skipped the next two instructions. Also, service iptables didn’t work for me, but my distro had some instructions for saving the new iptables rule to a new file in the /etc directory and putting a line in the /etc networking configuration to load that file at every boot; so search your distro for saving iptables if service iptables doesn’t work for you either.

  33. im agree with you thanks for u gays ,but the big problem is not the binding-ip ,the problem is how to access to this file if you are a client .
    the hosting company only can access to this file.

    1. Typically hosting companies will use some type of web client that will allow you to make these changes to a mysql database located on their system. I am not familiar with all of the systems out there, but in cpanel there should be a section of icons listed under the heading databases. Select “Remote MySQL” and enter the ip address or host name of the system you are allowing access. You will also need to do this if you are designing a website that will be database driven so that you can make connections to the database through a web page.

  34. Paul,

    Create user n then grant priviledges.

    create user ‘user’@’localhost’ identified by ‘password’;

    grant SELECTon db1.* to ‘user’@’10.1.1.13’ identified by ‘password’;

    Here user is the username
    password is the password for user to connect to mysql
    db1.* refers to all tables of db1
    10.1.1.13 refers to ip address from where the user connects

    You can also give ALL priviledges or SELECT,INSERT,UPDATE,DELETE,CREATE,DROP priviledges

    1. yes ,thnkx a lot .It worked for me . One thing i would like to share is that seperate create statement for user creation is not required in case of grant statement.grant command create user as well.

      Anyways thnkx ..thnkx a lot..

  35. It is a very helpful document, it did help me from the start and I’m facing the next step now; collaboration and backup from a remote machine&domain. They want to do a login from another domain and with port forwarding to copy a few DBs. Something like: $ ssh -L freeport:mysql-server-ip:3306 [email protected] and on the remotehost.domain in a new terminal window $ mysql -h localhost –port=freeport -u mysqluser -p
    comes back with : ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2)
    The [email protected] can login successfully with: $mysql -h mysql-server-ip -u mysqluser -p only the client port forwarding need something.

    Can anyone help with this ? Thanks in advance.

  36. hi i m confused with your query for the solution you have provided for the existing database grant to the existing user that he can logged with his original password or should we have to update the password.
    mysql> update db set Host=’202.54.10.20′ where Db=’webdb’;
    mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

  37. Anyone else getting this error:
    ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’

    When you run step 5 on Ubuntu 10.04?

  38. I wonder what’s the difference of just connecting via SSH, use a command line and access the mysql prompt from there.

    Any benefits of this tutorial’s approach than what I do with mine?

  39. Hi,
    I am trying to allow external connections to an existing database. When I issue the command:

    update db set Host=’202.54.10.20′ where Db=’webdb’;
    (I changed the IP to my host and webdb to my database name), I always get:
    “ERROR 1046 (3D000): No database selected”.

    If I select my database first (by doing “use mydb”;), and issue the above command again, then I get:
    “ERROR 1146 (42S02): Table ‘mydb.db’ doesn’t exist”

    What am I missing?

  40. and…. how could I grant all ip address range 192.168.1.20 – 192.168.1.30
    to connect into that mysql server?
    Don’t say to me repeat that command over 10 times. That’s not the answer, tough.

  41. Hello admin… just U save my life I was found how to access to my mysql BD for the enterily day and finally I found this page… It’s so clear and really helpful so thanks

  42. Hi there, I have a query that needs your support.

    This is the ERROR I get while creating a NEW SERVER INSTANCE: in Windows.

    1.………… error ………………………………………………………………………
    Connecting to MySQL server localhost…
    Cannot start SSH tunnel manager
    Connecting to MySQL server localhost…
    Cannot start SSH tunnel manager
    Connecting to MySQL server localhost…
    Cannot start SSH tunnel manager

    ……………………………………………………………………………………………

    And also

    2. ……………………………………………………………………………………………

    In order to manage a MYSQL server it must be installed as a service.

    The wizard could not find MYSQL service on the target machine, hence
    the server instance cannot be created.

    ……………………………………………………………………………………………

    Question

    How do I make sure that MYSQL 5.1 is running before I use the MYSQL
    Administrator to configure new Server Instance.

    I will be grateful to be answered the above question in reference to
    the errors the program is giving me in the Windows environment.

  43. I know this article is not about SSH but I just wanted to mention that those that are confused with these condifuration changes or skittish about doing them can just use an SSH client (I use Putty) and use tunneling to then access MySQL data as ‘localhost’. Keeps everything locked down and I use the MySQL administrator and Query Browser without any issues on a windows 7 machine. I do have a local dev MySQL server running on my machine so I do have to stop that service when I tunnel in to the remote MySQL debian linux machines. If I forget the user/pass’s will trip me up so not a serious mistake waiting to happen 🙂

  44. i have configured multiple instance of mysql having new instance port 3307. But am not able to connect to this port from a mysql client. Where should i change the configuration?

  45. Hello To all,
    mysql is work proparly,but for remotly access i make file as you write but after this changes mysql is not start,i am using centos 5
    /etc/ini.d/mysqld restart
    so please help me.As Soon as possible.

  46. Hi, I have edited my.cnf according to your Step-3. But while restarting it says “MySQL Daemon failed to start.”. Just for the note, my server is running on amazon ec2. Any idea what went wrong?

  47. Why do all this…if you have SSH Access, just setup a tunnel, unless you need people without SSH Access to access the database. But an SSH tunnel will be way more secure than opening it up to the world, and you don’t have to do any of this simply:

    ssh -L 3307:localhost:3306 [email protected]

    Using 3307, incase you have a local MySQL server installed.

  48. @Nicolas,

    Use a text editor such as vi. The default files are located in /usr/local/share/mysql/ directory. In this example copy /usr/local/share/mysql/mysql-large.cnf to /usr/local/etc/my.cnf and edit using vi:

    ## copy it ##
    cp /usr/local/share/mysql/mysql-large.cnf /usr/local/etc/my.cnf
    
    ## edit it ##
    vi /usr/local/etc/my.cnf
    
    ## restart the server ##
    /usr/local/etc/rc.d/mysql-server restart
    

    Hope this helps!

  49. Ok, I think i found mysql-large.cnf (though mine is called my-large.cnf). But i don’t have a etc folder at /usr/local/etc. Even tough I have one at /usr/etc, it haven’t got rc.d in it.. Help please!

  50. bind-adress should be set to the IP address from which the database is going be access, not IP address of the server itself.

    Setting bind-address to IP address of the server will cause mysql deamon fail to start and setting bind-address=0.0.0.0 (accepting all IP addresses) should solve the problem. Based on your example, bind-address could be set to 202.54.10.20 too.
    This is at least true to MySQL servers on Amazon EC2 (Centos) instances.

    Please update your tutorial if you agree with my comment.

    Thanks a lot for your detailed and useful tutorial anyway 🙂

  51. Having some issues on an Ubuntu 12.04 EC2 server. When i get to the stage to edit remote access to the DB.

    mysql> update db set Host=’202.54.10.20′ where Db=’webdb’;
    mysql> update user set Host=’202.54.10.20′ where user=’webadmin’;

    There doesn’t seem to be any entries into the db table (i am assuming we are looking at the root mysql database). Though my websites database is set up and working as its now a live system works with MySQL connections locally. I am trying to set up remote access to my development (home) network so i can run updated versions of the website locally without effecting the live version, but still use the live database.

    Any idea where i am going wrong?

  52. Thanks, this is exactly what I needed.

    Wanted to point out a little syntax error in step 5, which slowed me down since I am a command line mysql newbie. There should not be a space between the command option ‘-p’ and the password. Therefore the line should look like:

    $ mysql -u root -pmysql

  53. Need Help:

    update db set Host=’xx’ where Db=’xx’;
    update user set Host=’xx’ where user=’root’;

    After this commands my websites are down and cannot access localhost.
    How to undo?? Pls help 🙂

  54. When I modify my my.cnf bind-address with my IP address after restarting mysql service getting error message
    Shutting down MySQL
    .. *
    Starting MySQL
    ….. * The server quit without updating PID file (/var/lib/mysql/v-testmate4.pid).

    And on accessing mysql -u root -p ‘password’
    It gives error : ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2)

  55. I had some trouble with this and after some googling and experimentation I think I have found the solution.
    The problem was mysql didn’t want to start anymore after changing the bind-ip address. Turns out I didn’t need to fill in my external IP, but my internal IP (so not localhost but the ip it has in the network). After that mysql did start again and by opening the correct port it is accessible from the internet.

      1. Alright, figured it out for reals this time. Made the stupid error of making a user for the same database with [email protected]%, but then I didn’t add any privileges to the user so it wasn’t allowed to do anything.
        However I now have this address for the bind ip: 0.0.0.0 (found it somewhere online and is used as the address for all addresses (ipv4)), which is nice since * didn’t work.
        Haven’t tested again for the internal ip address if that works too, since it works now and I’m fine with that.

  56. I have my own server at home with Ubuntu Server to test my apps made on PHP. And I need to enable remote access to MySQL server but I’m confused with the bind-address, I have to put the Public Ip or the local IP of the pc?

  57. When changing this on a production system your local data will not be able to connect if you reference the host as localhost. To fix that, change your database settings for host to your server IP that you specified in my.cnf file. For example, for wordpress, change the DB_HOST in wp-config.php from localhost to you server IP.

  58. I see that this is an old post but it has current relevance so please update this for Ubuntu (among the top two most popular Linux distros) for where the file is located and how to restart the server.

    File location:
    /etc/mysql/mysql.conf.d/mysqld.cnf

    Server restart:
    sudo service mysq

    Also, in MySQL 5.6+, “skip-networking” is no longer the default so you will not find that line to comment out nor remove. It is removed by default but by default, they bind it to the loopback address, 127.0.0.1.

    so either comment out the “bind-to” line or change it to the resolved address of your server.

    If you want it to be available for remote (in-front your firewall) entry, this produces one of two issues; set it to the private IP address and everyone outside is blocked or set it to the public IP address and everyone inside is blocked (and your server is exposed).

    The solution is to bind it to the private IP address then your remote computer needs to VPN into the network first where it can see the private IP address of the server.

    Alternately, remove/comment the “bind-to” line from your config file.

  59. Thank you so much for this. I did the obvious, enabling remote access in the mysql privileges, but was unable to access due to the local host bind.
    I am wondering if we can set the bind to a specific IP range, like the local network subnet, and if that would effectively limit listening for login attempts to the local network at least.
    This helped so much though, being able to actually connect. thank you!

  60. How would I go about allowing connection from anywhere?

    I have a ham radio logging software that I’d like to run portable and connect back to my home server running mysql to save the logs. My IP could be anything.

    I can change the ports or use NAT to avoid port scanning, but I have no idea how to modify the update commands to allow connections from anywhere.

Leave a Comment