MYSQL Server (Debian Linux) remote access settings

Source: Internet
Author: User
Tags iptables

1. Log in to MySQL Server:

$mysql-U root-p

2. Check the network, whether the server allows remote connections:

Mysql> Show variables like '%skip_networking% '; This value should be ' off ' and the general default value is ' off ', which means that TCP/IP connections are allowed
Skip_networking: Local connection is allowed only through a socket file (Unix/linux system) or through Named pipes (Windows system), ICP/IP connection is not allowed; This improves security, but blocks external connections from the network and all Java clients (Java customers use TCP/IP even in local connections). The value can be set in/ETC/MYSQL/MY.CNF.

3. Bind permissions to the Mysql.user data sheet:

mysql> use MySQL;   Mysql> Grant All on * * to [e-mail protected] '% ' identified by ' password ' with GRANT OPTION;   #允许任何IP地址 (the '% ' character means this) PC, with the user account and password password to remotely access the entire MySQL Server (' *. * ' All)  #必须加类似这样的帐户, can be remote login. The root account cannot be logged on remotely and can only be logged on locally.
#绑定此server下某个特定数据库, such as only remote access to the ITest table #mysql> GRANT all on itest.* to [email protected] '% ' identified by ' password ' with G RANT OPTION;

4. Modify the MySQL configuration file:

$sudo vim/etc/mysql/my.cnf# Comment bind-address or specify an IP address instead

5. Save the file and restart the service

$sudo service apache2 restart# or sudo/etc/init.d/mysql restart

6. Under firewall rules, open 3306 port

$sudo Iptables-lchain INPUT (policy accept) target prot opt source Destinationchain FORWARD (policy accept) target Prot opt SOURCE Destinationchain OUTPUT (policy ACCEPT) target prot opt source destination# If the above occurs, there is no firewall rule, all ports are open # If firewall rules exist sudo vim/etc/sysconfig/iptables-a input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT (allow 80 ports via firewall)-A input-m STA Te–state new-m tcp-p tcp–dport 3306-j ACCEPT (Allow 3306 ports via firewall) Tips: Do not add these two rules to the last line of the firewall configuration, otherwise it will cause the firewall to fail to start and can be added to the bottom of Port 22. ##################################### Firewall configuration written by system-config-firewall ...-a input-m state–  State new-m tcp-p tcp–dport 22-j accept-a input-m state–state new-m tcp-p tcp–dport 80-j accept-a input-m State –state new-m tcp-p tcp–dport 3306-j accept-a input-j reject–reject-with icmp-host-prohibited ... ################ ################### #Tips: INPUT <--> rh-firewall-1-input use a different chain $sudo service apache2 restart# or $sudo/etc/depending on the configuration file Init.d/iptables Restart reboot Firewall

MySql Server (Debian Linux) remote access settings

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.