• Sales: 1-800-961-2888
  • Support: 1-800-961-4454

Feedback

Let us know what you think of our Knowledge Center!

Open Cloud Community

Learn about Rackspace products, ask questions, and share your knowledge in our Open Cloud Community.

MySQL - Connect to your database remotely

  • Article ID: 397
  • Last updated on January 11, 2013
  • Authored by: Rackspace Support
  • (11 Comments)

This tutorial will walk you through setting up a user on your MySQL server to connect remotely.

The following items are assumed:

  • You have access to login as the 'root' MySQL user

Contents

Getting your IP address

You will need to know what the IP address you are connecting from. To find this you can go to one of the following sites:

Granting Access

Granting access to a user from a remote host is fairly simple and can be accomplished from just a few steps. First you will need to login to your MySQL server as the root user. You can do this by typing the following command:

# mysql -u root -p

This will prompt you for your MySQL root password.

Once you are logged into MySQL you need to issue the GRANT command that will enable access for your remote user. In this example we will be creating a brand new user (fooUser) that will have full access to the fooDatabase database.

Keep in mind that this statement is not complete and will need some items changed. Please change 1.2.3.4 to the IP address that we obtained above. You will also need to change my_password with the password that you would like to use for fooUser.

mysql> GRANT ALL ON fooDatabase.* TO fooUser@'1.2.3.4' IDENTIFIED BY 'my_password';

This statement will grant ALL permissions to the newly created user fooUser with a password of 'my_password' when they connect from the IP address 1.2.3.4.

Testing Remotely

Now you can test your connection remotely. You can access your MySQL server from another Linux server:

# mysql -u fooUser -p -h 44.55.66.77
Enter password: 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 17
Server version: 5.0.45 Source distribution

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> _

Note that the IP of our MySQL server is 44.55.66.77 in this example.

Notes

There are a few things to note when setting up these remote users:

  • When setting up users a local user is not the same thing as a remote user. For instance fooUser@localhost is not the same as fooUser@1.2.3.4. You will have to duplicate permissions if you want them to have the same permissions.
  • Granting ALL permissions is not advised. Using GRANT SELECT,INSERT,UPDATE,DELETE is a wise alternative for a normal user.
  • If you would like to grant only to a specific table you can use database.table instead of database.*. In respect to our example above you could put fooDatabase.fooTable.
  • If you are using iptables you will need to make an entry in your firewall for TCP port 3306. When creating your firewall rule you can simply use the name 'mysql' for the port number. Search our wiki for iptables and you will find a list of common rule sets which include an entry for MySQL.

 



© 2011-2013 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License


See license specifics and DISCLAIMER

11 Comments

I'm very surprised that this awesome feature of *NIX systems is never exploited in such documents. I would never expose port 3306 to the public Internet, you never know what could happen and can never be too paranoid about the Internet.

I can explain how I connect to MySQL securely in one *NIX command line: "ssh -L 3306:localhost:3306 [IP Address of Remote server]"

This is the simplest way, but there are more switches you can use with SSH to for example daemonize the SSH client. Putty can also do this.

Now when you open up MySQLWorkbench, just connect to: 127.0.0.1:3306. You need to enter the IP rather than localhost, or MySQL will attempt to connect using a unix named socket(which obviously does not exist on your local machine).

And there you have it, a secured tunnelled connection to your MySQL server.
By Kevin Veroneau on Jul. 30, 2012

Thanks for pointing that out Kevin. An ssh tunneling article is definitely on my (growing) to-do list. It's a fantastic feature of ssh, good for creating secure connections between servers too.
By jered.heeschen on Jul. 30, 2012

... there are lots of pages for this issue out there, but I found this tutorial particularly useful:

http://chxo.com/be2/20040511_5667.html

Obviously with such a technique there are other issues to consider, which the above article covers.
By Henry Hughes on Jul. 30, 2012

If your remote connection to MySQL is still not working after opening port 3306, try commenting out "bind-address=xx.xx.xx.xx" line from my.cnf. Commenting out allows mysqld to accept connection from all IPs.
By Anonymous on Jul. 30, 2012

it worked .thanks friend
By nuwan on Aug. 21, 2012

Thanks, works great!
By RG on Apr. 24, 2013

Hey folks, I was reading some of the comments on the replies as I was getting stuck connecting to MySQL via MySQL Workbench. I managed to figure it out and thought I would pass on some of my experiences in case anyone has a similar setup to me.

I have SSH with public keys setup and I am using a specific port other than the default 22. I was having problems making a remote connection using MySQL Workbench following the tutorial and I worked it out.

1. Make sure if you are creating a new connection in MySQL Workbench that you select the Standard TCP/IP over SSH as the Connection Method.

2. Enter your SSH Hostname as 'serverIP':'port' e.g. 123.321.1.12:123456
3. Enter your SSH Username
4. Enter your MySQL Hostname as 'localhost'
5. Enter your MySQL Port e.g. 3306
6. Enter your MySQL Username - you should have already set this up
7. Test your connection

You will be prompted to enter your SSH password and MySQL user password, and you can choose whether you want to save these in your keychain if you're using a Mac. Job done!

It took me a while to figure out that my MySQL Hostname was 'localhost' but I got there in the end by trial and error.

If anyone who knows more about connecting to MySQL has any feedback, let me know, as I believe from what I have read following the Rackspace tutorials I am creating a secure connection.
By Tom Ireland on Sep. 3, 2012

it works on windows??
By hasan on Apr. 24, 2013

It should, yes. You'd need to install MySQL for Windows to get the client, available here:

http://www.mysql.com/downloads/installer/
By jered.heeschen on Apr. 24, 2013

I have such problem, in my home, every day my IP address can change, so it means, i have not fixed ip address. to handle this, what should I do. Thanks before
By AURShax on May. 6, 2013

You can use the percentage character ('%') for the hostname to allow a connection from any host, but that does pose a security risk. A better approach might be to make your connections by first using ssh to connect to the DB server and running the mysql command from there (since you could then grant access to 'user'@'localhost') or create a separate Cloud Server for the purpose of sshing in and using the mysql client from there, granting access to the IP address of that server.
By jered.heeschen on May. 6, 2013

Add new comment