Monday 12 November 2018

Enable remote MySQL connection: ERROR 1045 (28000): Access denied for user

MySQL 5.1.31 running on Windows XP.
From the local MySQL server (192.168.233.142) I can connect as root as follows:
>mysql --host=192.168.233.142 --user=root --password=redacted
From a remote machine (192.168.233.163), I can see that the mysql port is open:
# telnet 192.168.233.142 3306
Trying 192.168.233.142...
Connected to 192.168.233.142 (192.168.233.142).
But when trying to connect to mysql from the remote machine, I receive:
# mysql --host=192.168.233.142 --user=root --password=redacted 
ERROR 1045 (28000): Access denied for user
 'root'@'192.168.233.163' (using password: YES)
I have only 2 entries in mysql.user:
Host         User     Password
--------------------------------------
localhost    root     *blahblahblah
%            root     [same as above]
What more do I need to do to enable remote access?
EDIT
As suggested by Paulo below, I tried replacing the mysql.user entry for % with an 
IP specific entry, so my user table now looks like this:
Host             User     Password
------------------------------------------
localhost        root     *blahblahblah
192.168.233.163  root     [same as above]
I then restarted the machine, but the problem persists.

 Answers


You have to put this as root:
GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'@'IP'
 IDENTIFIED BY 'PASSWORD' with grant option;

Where IP is the IP you want to allow access and USERNAME is the user 
you use to connect. If you want to allow access from any IP just put % instead of your IP
and then you only have to put
FLUSH PRIVILEGES;
Or restart mysql server and that's it.


By default in MySQL server remote access is disabled. 
The process to provide a remote access to user is.
  1. Go to my sql bin folder or add it to PATH
  2. Login to root by mysql -uroot -proot (or whatever the root password is.)
  3. On success you will get mysql>
  4. Provide grant access all for that user.
GRANT ALL PRIVILEGES ON *.* TO 'username'@'IP' IDENTIFIED BY 'password';
Here IP is IP address for which you want to allow remote access, 
if we put % any IP address can access remotely.
Example:
C:\Users\UserName> cd C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin

C:\Program Files (x86)\MySQL\MySQL Server 5.0\bin>mysql -uroot -proot

mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'root';
Query OK, 0 rows affected (0.27 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.25 sec)
This for a other user.
mysql> GRANT ALL PRIVILEGES ON *.* TO 'testUser'@'%' IDENTIFIED BY 'testUser';
Query OK, 0 rows affected (0.00 sec)

mysql> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.00 sec)
Hope this will help


Do you have a firewall ? make sure that port 3306 is open.
On windows , by default mysql root account is created that is permitted to 
have access from localhost only unless you have selected the option to 
enable access from remote machines during installation .
creating or update the desired user with '%' as hostname .
example :
CREATE USER 'krish'@'%' IDENTIFIED BY 'password';


In my case I was trying to connect to a remote mysql server on cent OS. 
After going through a lot of solutions (granting all privileges, removing ip 
bindings,enabling networking) problem was still not getting solved.
As it turned out, while looking into various solutions,I came across iptables, 
which made me realize mysql port 3306 was not accepting connections.
Here is a small note on how I checked and resolved this issue.

    1. Checking if port is accepting connections:
    telnet (mysql server ip) [portNo]
    2. Adding ip table rule to allow connections on the port:
    iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT

    3. Would not recommend this for production environment, 
    but if your iptables are not configured properly, adding the rules might not still solve the issue.
     In that case following should be done:
    service iptables stop
New location for mysql config file is
/etc/mysql/mysql.conf.d/mysqld.cnf


The user/host combination may have been created without password.
I was assuming that when adding a new host for an existing user (using a GUI app), 
the existing password would also be used for the new user/host combination.
I could log in with
mysql -u username -p PASSWORD
locally, but not from IPADDRESS with
mysql -u --host=HOST -p PASSWORD
(I could actually log in from IPADDRESS without using a password)
mysql -u --host=HOST
Setting the password allowed access:
set password for '<USER>'@'<IPADDRESS>' = '<PASSWORD>';

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)