MYSQL Server (Debian Linux) remote access settings

1. Log in to MySQL Server:

$mysql-U root-p

2. Check the network, whether the server allows remote connections:

Mysql> Show variables like '%skip_networking% '; This value should be ' off ' and the general default value is ' off ', which means that TCP/IP connections are allowed

Skip_networking: Local connection is allowed only through a socket file (Unix/linux system) or through Named pipes (Windows system), ICP/IP connection is not allowed; This improves security, but blocks external connections from the network and all Java clients (Java customers use TCP/IP even in local connections). The value can be set in/ETC/MYSQL/MY.CNF.

3. Bind permissions to the Mysql.user data sheet:

mysql> use MySQL;   Mysql> Grant All on * * to [e-mail protected] '% ' identified by ' password ' with GRANT OPTION;   #允许任何IP地址 (the '% ' character means this) PC, with the user account and password password to remotely access the entire MySQL Server (' *. * ' All)  #必须加类似这样的帐户, can be remote login. The root account cannot be logged on remotely and can only be logged on locally.

#绑定此server下某个特定数据库, such as only remote access to the ITest table #mysql> GRANT all on itest.* to [email protected] '% ' identified by ' password ' with G RANT OPTION;

4. Modify the MySQL configuration file:

$sudo vim/etc/mysql/my.cnf# Comment bind-address or specify an IP address instead

5. Save the file and restart the service

$sudo service apache2 restart# or sudo/etc/init.d/mysql restart

6. Under firewall rules, open 3306 port

$sudo Iptables-lchain INPUT (policy accept) target prot opt source Destinationchain FORWARD (policy accept) target Prot opt SOURCE Destinationchain OUTPUT (policy ACCEPT) target prot opt source destination# If the above occurs, there is no firewall rule, all ports are open # If firewall rules exist sudo vim/etc/sysconfig/iptables-a input-m state–state new-m tcp-p tcp–dport 80-j ACCEPT (allow 80 ports via firewall)-A input-m STA Te–state new-m tcp-p tcp–dport 3306-j ACCEPT (Allow 3306 ports via firewall) Tips: Do not add these two rules to the last line of the firewall configuration, otherwise it will cause the firewall to fail to start and can be added to the bottom of Port 22. ##################################### Firewall configuration written by system-config-firewall ...-a input-m state–  State new-m tcp-p tcp–dport 22-j accept-a input-m state–state new-m tcp-p tcp–dport 80-j accept-a input-m State –state new-m tcp-p tcp–dport 3306-j accept-a input-j reject–reject-with icmp-host-prohibited ... ################ ################### #Tips: INPUT <--> rh-firewall-1-input use a different chain $sudo service apache2 restart# or $sudo/etc/depending on the configuration file Init.d/iptables Restart reboot Firewall

MySql Server (Debian Linux) remote access settings