Skip to main content

How To Enable Remote Access To MySQL Server?


Mysql server by default disables the remote access of the server... To access it from a remote host follow the below steps.....

Step # 1: Login to your mysql server with SSH.

Step # 2: Enable the networking in the server.

Now open the my.cnf file using your favourite editor. I used vi.

# vi /etc/my.cnf

Step # 3:Then locate line follows

[mysqld]

Make sure line skip-networking is commented (or remove line) and add following line

bind-address=YOUR-SERVER-IP

For example, if your MySQL server IP is 23.23.23.23 then entire block should be look like as follows:
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
language = /usr/share/mysql/English
bind-address = 23.23.23.23
# skip-networking


Here
bind-address : IP address to bind to.

Dont forget to comment the line skip-networking to enable communication over tcp/ip.

Step# 4 Save and Close the file

Restart your mysql service to take change in effect:# /etc/init.d/mysql restart
Step # 5 Then grant access to the remote IP address

# mysql -u root -p mysqlGrant access to new database

If you want to add new database called db1 for user user1 and remote IP 20.20.20.20 then you need to type following commands at mysql> prompt:mysql> CREATE DATABASE db1;
mysql> GRANT ALL ON db1.* TO user1@'20.20.20.20' IDENTIFIED BY 'SOME STRONG PASSWORD';


To Grant access to existing database... Do the following...

mysql> update db set Host='20.20.20.20' where Db='db1';
mysql> update user set Host='20.20.20.20 where user='user1';
Step # 5: Logout of MySQL
Or Just Use This....

GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;

Type exit command to logout mysql:mysql> exit
Step # 6: Open port 3306

/sbin/iptables -A INPUT -i eth0 -p tcp --destination-port 3306 -j ACCEPT

OR only allow remote connection from your web server located at 10.2.70.3:

/sbin/iptables -A INPUT -i eth0 -s 10.2.70.3 -p tcp --destination-port 3306 -j ACCEPT

OR only allow remote connection from your lan subnet 21.21.21.21/24:

/sbin/iptables -A INPUT -i eth0 -s 21.21.21.21/24 -p tcp --destination-port 3306 -j ACCEPT

A sample FreeBSD / OpenBSD pf rule ( /etc/pf.conf)

pass in on $ext_if proto tcp from any to any port 3306

OR allow only access from your web server located at 10.2.70.3:

pass in on $ext_if proto tcp from 10.2.70.3 to any port 3306 flags S/SA synproxy state

Step # 7: Now it's time to test

From remote system or your desktop type the command:
$ mysql -u user1 –h 23.23.23.23 –p
Where,

* -u user1: user1 is MySQL username
* -h IP or hostname:23.23.23.23 is MySQL server IP address or hostname (FQDN)
* -p : Prompt for password

Comments

Popular posts from this blog

Shell Script to check tomcat status and restart

The below script checks the status of a particular tomcat status and restarts it if the tomcat does not respond....TOMCAT_HOME=/usr/local/tomcat-folder/

is_Running ()
{

        wget -O - http://yourserver.com/ >& /dev/null
 if( test $? -eq 0 ) then
  return 0
 else
  return 1
 fi
}


kill_Hanged_Processes ()
{
 echo "killing hanged processes......"
 javaProcs=`ps -efl| grep -v grep | grep java`
 if(test ! -z "$javaProcs") then
  echo "nonzero"
  processId=`echo $javaProcs | awk '{ print $2} '`
  echo "$processId"
  kill -9 $processId
 fi
}
stop_Tomcat ()
{
 echo "shutting down......"
 $TOMCAT_HOME/bin/shutdown.sh
}

start_Tomcat ()
{
 echo "starting......"
 $TOMCAT_HOME/bin/startup.sh
}

restart ()
{
 stop_Tomcat
 sleep 10
 kill_Hanged_Processes
 start_Tomcat
 sleep 60
}

send_Mail ()
{
#!/bin/bash
# script to send simple email
# email subject
SUBJECT="Telegraphindia.com went down"
# Email To ?
EMAIL="mailid1@gmail.com,mailid2@gmail.com"
# Em…

Getting access to menu from portlet in liferay

The below code describes the way of accessing menu items from the portlet. Here i have called it from jsp. The best thing about this is you can use the beautiful permission management of menu items of liferay as well without bothering about that. Writing services for fetching menu names from the layout tables will need more codes for permission managements......

Hope this helps.........


<%--
/**
* Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
*
* This library is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 2.1 of the License, or (at your option)
* any later version.
*
* This library is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
* details.
*/
--%>
<%@ page import="com.li…

Virus f Opyum Team

Symptoms :: 
Several processes running named f or i. 
Network choked
Apache Dead
Unknown entry  * * * * * root f Opyum Team in crontab

Investigate ::
Try to kill the f process and even root will be unable to kill it. Check file named f and i in /etc or /bin or /usr/sbin directory. Try to delete, the file f  will not delete.  Some unknown .jpg files will be there in the same folder. 

Solve :: The root is unable to delete the file f because of the immutable bit in f
To remove it use ses or chattr
Follow the below steps to remove it completely.....



remove the unknown .jpg files in system folders

#top
(kill process f) option k

#ses -i /bin/f
#rm /bin/f
#ses -i /etc/crontab
#vi /etc/crontab (and delete last line)
#reboot


Precautions ::  In my case the server was hacked bu Brute-force attack
So set a good password with a combination of upper,lower case letters and special characters.

Post your feedback or any issues you may face removing the virus.  Very less number of good threads are there explaining …