Remote connection to MySQL server...?

Christopher J. Bottaro cjbottaro at alumni.cs.utexas.edu
Wed Oct 20 16:08:18 UTC 2004 

Alexander Dalloz wrote:

> Am Mi, den 20.10.2004 schrieb Christopher J. Bottaro um 17:12:
> 
>> First off, I can't remotely connect to the database.  I did:
> 
> Be aware that this can be a security problem. The communication between
> the client and the MySQL server is 'sniffable'.

Thanks for the heads up.

>> That added a corresponding entry into mysql.user, but when I try to
>> connect by a remote machine via tora, it says it can't open a connection.
>> Connecting via tora on the localhost works fine.  Do I need a specific
>> port open on my firewall?
> 
> Yes, port 3306 (that is default) has to be open. Second, your MySQL user
> must be explictly allowed to connect from remote. This is done within
> the user management of MySQL. It is a difference for MySQL whether a
> user tries to connect from localhost, a specific other host or any other
> host.
> 
> http://dev.mysql.com/doc/mysql/en/User_Account_Management.html

Port 3306 is open and /etc/my.cnf has a line "port = 3306" in the [mysqld]
section.  Yes, I've read the mysql manual and I *think* I've setup my user
to be able to connect from the remote host.  Here is the relevant portion
of my mysql.user table:

+-------------+---------+------------------+
| Host        | User    | Password         |
+-------------+---------+------------------+
| aa.bb.cc.dd | pymymud | (hashed passwd)  |
+-------------+---------+------------------+

Then from aa.bb.cc.dd, I try to connect:

mysql -u pymymud -p -h <ipaddr of mysql server> -P 3306 pymymud
ERROR 1130: Host 'aa.bb.cc.dd' is not allowed to connect to this MySQL
server

>> My second problem is really more a nuisance than a real problem.  When I
>> execute "service mysqld start", it sits there for a while then finally
>> says
>> about timing out then [failed].  Well, it didn't fail cuz I can connect
>> and use the database just fine...so whats up with the failure message
>> (and semi long wait for the "timeout")?
> 
> It is the routine in the init script checking whether the daemon is
> running and responding. Did you set a password for the MySQL root user
> and deleted the anonymous user?

Yes, I changed the password of the root MySQL user.  I didn't delete the
anonymous users, but I did change the passwords for them.  Here is (part
of) my mysql.user table:

+-------------+---------+------------------+
| Host        | User    | Password         |
+-------------+---------+------------------+
| localhost   | root    | (hashed passwd)  |
| semaphore   | root    | (hashed passwd)  |
| localhost   |         | (hashed passwd)  |
| semaphore   |         | (hashed passwd)  |
| localhost   | pymymud | (hashed passwd)  |
| aa.bb.cc.dd | pymymud | (hashed passwd)  |
+-------------+---------+------------------+

Thank you for the help.

More information about the fedora-list mailing list