434

I have installed MySQL Community Edition 5.5 on my local machine and I want to allow remote connections so that I can connect from external source.

How can I do that?

Promise Preston
  • 24,334
  • 12
  • 145
  • 143
Leo
  • 4,517
  • 4
  • 14
  • 9

19 Answers19

877

That is allowed by default on MySQL.

What is disabled by default is remote root access. If you want to enable that, run this SQL command locally:

 GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
 FLUSH PRIVILEGES;

And then find the following line and comment it out in your my.cnf file, which usually lives on /etc/mysql/my.cnf on Unix/OSX systems. In some cases the location for the file is /etc/mysql/mysql.conf.d/mysqld.cnf).

If it's a Windows system, you can find it in the MySQL installation directory, usually something like C:\Program Files\MySQL\MySQL Server 5.5\ and the filename will be my.ini.

Change line

 bind-address = 127.0.0.1

to

 #bind-address = 127.0.0.1

And restart the MySQL server (Unix/OSX, and Windows) for the changes to take effect.

Iftekhar Ahmed
  • 55
  • 7
mjuarez
  • 16,372
  • 11
  • 56
  • 73
  • I did that ( grant privileges ) but still can't connect . and I'm using windows os I can't find my.cnf – Leo Feb 08 '13 at 18:51
  • Updated the answer to reflect the location of the my.cnf file on Windows. – mjuarez Feb 08 '13 at 18:57
  • 4
    Ok so I've added the binnd-address = 127.0.0.1 at the end of the file and I've tried to connect using navicat from external host and I get 10060 error – Leo Feb 08 '13 at 19:03
  • 10
    Hmm, you don't need to add it. Like my answer said, you need to comment it out, not add it. There's one in there by default, so you'd need to find that, and comment it out by prefixing it with # – mjuarez Feb 08 '13 at 19:05
  • 7
    Hmm , in \MYsql Server 5.5\ there's only 1 ini file called my-default.ini and the only line without the # is this : sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES – Leo Feb 08 '13 at 19:11
  • Ah ...done it seems that my other pc was blocking the access..thanks btw – Leo Feb 08 '13 at 19:22
  • 2
    this answer works perfect. thnx @mjuarez - GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION; – ramya Sep 13 '13 at 12:26
  • 2
    What am I doing wrong if the GRANT results in Query OK, 0 rows affected (0.00 sec)? – andig Jan 24 '15 at 14:47
  • 1
    Thanks it worked... i did not require to do bind-address = 127.0.0.1 – Shridutt Kothari Sep 24 '15 at 07:39
  • 2
    it does not work i follow all the steps , i'm using windows 8 , and no line for bind-address was founded in the My.ini i always get the same error – Oussaki Nov 01 '15 at 13:52
  • @Oussaki which version of MySQL are you using? – mjuarez Nov 01 '15 at 21:34
  • 1
    You might also have to open port 3306 in the Windows firewall (inbound rule for TCP). – Zitrax Nov 12 '15 at 07:23
  • 1
    I found you have to restart to mysql service after changing bind address. – srayner Dec 11 '15 at 09:33
  • 1
    I think this is also should be after granting "FLUSH PRIVILEGES;" – Humoyun Ahmad Mar 24 '16 at 11:42
  • 1
    Only commenting out `bind-address` didn't work for me. Either `bind-address = 0.0.0.0` or `bind-address = ` works. – chhantyal May 24 '16 at 16:43
  • When following this series of steps and use my password in place, I get an error that says "Password has should be a 41-digit hexadecimal number" How do I get MySQL to accept my plain password and generate the hex for me?\ What is going wrong here? Tried using SET old_passwords = 0; – Brandon S. Apr 10 '17 at 13:18
  • @BrandonS. you might have a typo. Take a look at this: https://lists.mysql.com/mysql/204753 – mjuarez Apr 10 '17 at 14:34
  • That didn't really help. Double checked everthing. No typo. I ended up having to actually enter the Hash value of the password, which I got by using SELECT password('mypassword'). (http://knowmysql.blogspot.com/2013/09/mysql-grant-password-error-error-1372.html) – Brandon S. Apr 10 '17 at 15:33
  • 80
    To those looking for the `my.cnf` file and not finding a `bind-address` directive in it, note that in my case (MySQL version 14.14 on Ubuntu 16.04.2) the location for the file was `/etc/mysql/mysql.conf.d/mysqld.cnf` – Ash Menon Jul 10 '17 at 16:41
  • 1
    'password' should be replaced with the users actual password... for any noobs like me. – QuickPrototype Jul 24 '18 at 15:10
  • 14
    I follow and run command but mysql return ```You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED BY '*****' WITH GRANT OPTION' at line 1``` . What should I do? – Hà Link Aug 20 '18 at 18:29
  • 1
    Plus, I use (brew) mysql version 8.0.12 – Hà Link Aug 20 '18 at 18:29
  • 2
    @HàLink for mysql 8 check this: https://stackoverflow.com/questions/50409788/mysql-8-create-new-user-with-password-not-working – Ali Hashemi Sep 14 '18 at 12:47
  • If there's a firewall installed, one should open the port on the firewall: `sudo ufw allow 3306/tcp` and finally `sudo service ufw restart`. – JCarlosR Mar 11 '19 at 19:09
  • How to reverse back? – Asif Mushtaq Jun 11 '19 at 20:10
  • Can anyone explain why this is necessary? – daraul Jan 10 '20 at 01:58
  • 1
    My.ini on Windows is in C:\ProgramData\MySQL\MySQL Server 8.0\ (At least with version 8.0) – Nikola Petrovic Jan 30 '20 at 11:39
  • mysql workbench doesn't work for Windows 7, it just can't connect. I tried Navicat under window 7 and worked. – Rick Jul 29 '20 at 08:02
  • 1
    Note that [MySQL 8 removed](https://ma.ttias.be/mysql-8-removes-shorthand-creating-user-permissions/) the one-liner for creating a user and granting permissions to it! – owengall Sep 23 '20 at 21:16
  • I am getting the error : mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'StackOverflowSolution' WITH GRANT OPTION; ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'IDENTIFIED BY 'StackOverflowSolution' WITH GRANT OPTION' at line 1 How to fix this error? Mine is MySQL community edition 8 on Windows 11 – Ashu Aug 10 '23 at 05:14
56

After doing all of above I still couldn't login as root remotely, but Telnetting to port 3306 confirmed that MySQL was accepting connections.

I started looking at the users in MySQL and noticed there were multiple root users with different passwords. 

select user, host, password from mysql.user;

So in MySQL I set all the passwords for root again and I could finally log in remotely as root.

use mysql;
update user set password=PASSWORD('NEWPASSWORD') where User='root';
flush privileges;
bounav
  • 4,886
  • 4
  • 28
  • 33
Matthew Lock
  • 13,144
  • 12
  • 92
  • 130
48

Just a note from my experience, you can find configuration file under this path /etc/mysql/mysql.conf.d/mysqld.cnf.

(I struggled for some time to find this path)

Craig S. Anderson
  • 6,966
  • 4
  • 33
  • 46
Mayur Patel
  • 759
  • 7
  • 16
33

In my case I was trying to connect to a remote mysql server on cent OS. After going through a lot of solutions (granting all privileges, removing ip bindings,enabling networking) problem was still not getting solved.

As it turned out, while looking into various solutions,I came across iptables, which made me realize mysql port 3306 was not accepting connections.

Here is a small note on how I checked and resolved this issue.

  • Checking if port is accepting connections:
telnet (mysql server ip) [portNo]
  • Adding ip table rule to allow connections on the port:
iptables -A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j ACCEPT
  • Would not recommend this for production environment, but if your iptables are not configured properly, adding the rules might not still solve the issue. In that case following should be done:
service iptables stop

Hope this helps.

Kushal
  • 423
  • 5
  • 8
29

All process for remote login. Remote login is off by default.You need to open it manually for all ip..to give access all ip 

GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'password';

Specific Ip

GRANT ALL PRIVILEGES ON *.* TO 'root'@'your_desire_ip' IDENTIFIED BY 'password';

then 

flush privileges;

You can check your User Host & Password

SELECT host,user,authentication_string FROM mysql.user;

Now your duty is to change this 

bind-address = 127.0.0.1

You can find this on 

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

if you not find this on there then try this

sudo nano /etc/mysql/my.cnf

comment in this 

#bind-address = 127.0.0.1

Then restart Mysql

sudo service mysql restart

Now enjoy remote login

albus_severus
  • 3,626
  • 1
  • 13
  • 25
19

Please follow the below mentioned steps inorder to set the wildcard remote access for MySQL User.

(1) Open cmd.

(2) navigate to path C:\Program Files\MySQL\MySQL Server 5.X\bin and run this command.

mysql -u root -p

(3) Enter the root password.

(4) Execute the following command to provide the permission.

GRANT ALL PRIVILEGES ON *.* TO 'USERNAME'@'IP' IDENTIFIED BY 'PASSWORD';

USERNAME: Username you wish to connect to MySQL server.

IP: Public IP address from where you wish to allow access to MySQL server.

PASSWORD: Password of the username used.

IP can be replaced with % to allow user to connect from any IP address.

(5) Flush the previleges by following command and exit.

FLUSH PRIVILEGES;

exit; or \q

enter image description here

Antonio112009
  • 415
  • 2
  • 7
  • 21
Hiren Parghi
  • 1,795
  • 1
  • 21
  • 30
10

I had to this challenge when working on a Java Project with MySQL server as the database.

Here's how I did it:

First, confirm that your MySQL server configuration to allow for remote connections. Use your preferred text editor to open the MySQL server configuration file:

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

Scroll down to the bind-address line and ensure that is either commented out or replaced with 0.0.0.0 (to allow all remote connections) or replaced with Ip-Addresses that you want remote connections from.

Once you make the necessary changes, save and exit the configuration file. Apply the changes made to the MySQL config file by restarting the MySQL service:

sudo systemctl restart mysql

Next, log into the MySQL server console on the server it was installed:

mysql -u root -p

Enter your mysql user password

Check the hosts that the user you want has access to already. In my case the user is root:

SELECT host FROM mysql.user WHERE user = "root";

This gave me this output:

+-----------+
| host      |
+-----------+
| localhost |
+-----------+

Next, I ran the command below to grant the root user remote access to the database named my_database:

USE my_database;
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'my-password';

Note: % grants a user remote access from all hosts on a network. You can specify the Ip-Address of the individual hosts that you want to grant the user access from using the command - GRANT ALL PRIVILEGES ON *.* TO 'root'@'Ip-Address' IDENTIFIED BY 'my-password';

Afterwhich I checked the hosts that the user now has access to. In my case the user is root:

SELECT host FROM mysql.user WHERE user = "root";

This gave me this output:

+-----------+
| host      |
+-----------+
| %         |
| localhost |
+-----------+

Finally, you can try connecting to the MySQL server from another server using the command:

mysql -u username -h mysql-server-ip-address -p

Where u represents user, h represents mysql-server-ip-address and p represents password. So in my case it was:

mysql -u root -h 34.69.261.158 -p

Enter your mysql user password

You should get this output depending on your MySQL server version:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.31 MySQL Community Server (GPL)

Copyright (c) 2000, 2020, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>

Resources: How to Allow Remote Connections to MySQL

That's all.

I hope this helps

Promise Preston
  • 24,334
  • 12
  • 145
  • 143
9

Close comment at link /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/my.cnf:

bind-address = 127.0.0.1  =>>  #bind-address = 127.0.0.1

Change the hostname so that all machines can access it, run this SQL command locally:

UPDATE mysql.user SET Host='%' WHERE Host='localhost' AND User='root';
FLUSH PRIVILEGES;

Restart service:

sudo service mysql restart

Open port mysql:

sudo ufw allow 3306
Nam Sama
  • 375
  • 3
  • 6
7

If your MySQL server process is listening on 127.0.0.1 or ::1 only then you will not be able to connect remotely. If you have a bind-address setting in /etc/my.cnf this might be the source of the problem.

You will also have to add privileges for a non-localhost user as well.

tadman
  • 208,517
  • 23
  • 234
  • 262
  • Weird, how could your server be "listening" on another IP besides `127.0.0.1`? – Pacerier Jan 23 '15 at 14:27
  • 2
    @Pacerier 127.0.0.1 is only bound to the loopback interface. External connections will not work. A system will often have multiple network interfaces, each of which needs to be bound to specifically, or you can use the bind-all 0.0.0.0 address. – tadman Jan 23 '15 at 16:36
7

If you installed MySQL from brew it really does only listen on the local interface by default. To fix that you need to edit /usr/local/etc/my.cnf and change the bind-address from 127.0.0.1 to *.

Then run brew services restart mysql.

Timmmm
  • 88,195
  • 71
  • 364
  • 509
  • 2
    For my ubuntu 16.04.4 server, the bind-address setting is in /etc/mysql/mysql.conf.d/mysqld.cnf – Frank Nov 20 '18 at 23:53
  • This is not just using brew, any MySQL will have this default setting, to only allow local connections. – nivs1978 Feb 18 '19 at 09:03
5

Just F.Y.I I pulled my hair out with this problem for hours.. finally I call my hosting provider and found that in my case using a cloud server that in the control panel for 1and1 they have a secondary firewall that you have to clone and add port 3306. Once added I got straight in..

Dan
  • 59
  • 1
  • 1
4

For whom it needs it, check firewall port 3306 is open too, if your firewall service is running.

Zelkovar
  • 119
  • 1
  • 5
  • Just realized that disabling Windows Firewall entirely was not enough too. I found I need disable my antivirus (Eset Endpoint Security). Now I can bring back Windows Firewall after adding a exception in my AV for mysqld-nt.exe – Vitor Canova Jul 14 '22 at 17:54
3

This blog How to setup a MySQL server on Local Area Network will be useful in setting up a MySQL from scratch

Kasun Siyambalapitiya
  • 3,956
  • 8
  • 38
  • 58
3

If mysqld has a bind address set to a loopback/local address (e.g. 127.0.0.1), the server will not be reachable from remote hosts, because a loopback interface cannot be reached from any remote host.

Set this option to 0.0.0.0 (:: for IPv4+6) to accept connections from any host, or to another externally-reachable address if you want to only allow connections on one interface.

Source

Wesley Smith
  • 149
  • 1
  • 9
2

And for OS X people out there be aware that the bind-address parameter is typically set in the launchd plist and not in the my.ini file. So in my case, I removed <string>--bind-address=127.0.0.1</string> from /Library/LaunchDaemons/homebrew.mxcl.mariadb.plist.

tdmartin102
  • 76
  • 5
2

Enabling remote root access can be dangerous. It would be preferable if you were to set up user accounts with more restrictive permissions. The following three steps should do it.

  1. Ensure that the line starting with bind-address ... is at least commented out in your my.ini or my.cnf file. If it doesn't exist, move on. You can find this file in C:\ProgramData\MySQL\MySQL Server 8.0 on Windows.

  2. Afterwards, check that the user account you are establishing the connection with does not have localhost in the Limit to Hosts Matching field. While it isn't recommended, you can instead put % in that field for testing purposes. You can do this by opening a local connection to the server with MySQL Workbench, then going to Server>Users and Privileges from the menu bar and finding the user account you want to connect with.

The "Limit to Hosts Matching" field is what disallows you to connect non-locally. I.e. it limits the accepted connections to a pattern of IP addresses. Ideally, you should be accessing the MySQL server from a static IP address or subnet, so that you can be as restrictive as possible.

  1. Obviously, your firewall should allow the MySQL Server application to communicate over the port you want. The physical networking equipment in between you and your server should allow communication on the port you want to connect with. (port 3306 typically)
Nikola Petrovic
  • 101
  • 2
  • 9
2

MySQL 8 no longer allows you to create a user using the GRANT command. You need to create the user first.

CREATE USER 'root'@'%' IDENTIFIED BY 'PASSWORD';
GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;
Bienvenido David
  • 4,118
  • 1
  • 25
  • 16
1

some times need to use name of pc on windows

first step) put in config file of mysql:

mysqld.cnf SET bind-address= 0.0.0.0

(to let recibe connections over tcp/ip)

second step) make user in mysql, table users, with name of pc on windows propierties, NOT ip

enter image description here

Rubén Ruíz
  • 453
  • 4
  • 9
1
  • Check remote server grant permission to Wildcard access to port 3306:

sudo lsof -i -P -n | grep LISTEN

It should NOT be same like this:

mysqld 23083 mysql 21u IPv4 145900142 0t0 TCP 127.0.0.1:3306 (LISTEN)

In this case, we need to update /etc/mysql/mysql.conf.d/mysqld.cnf or /etc/mysql/mariadb.conf.d/50-server.cnf with:

bind-address = 127.0.0.1 --> 0.0.0.0

And then restart mysql "sudo service mysql restart"

In order to test mySQL connection from a client:

nc -vz <host_address> 3306

Duc Toan Pham
  • 474
  • 6
  • 6