2

Today I've been trying to access MySQL running on my remote work machine (Ubuntu), from my home machine (OSX), and I've had no success.

On my work machine, I've checked the following:

sudo netstat -ntlup | grep mysql

gives 

tcp        0      0 0.0.0.0:3306            0.0.0.0:*               LISTEN      23692/mysqld

and nmap tells me

PORT     STATE SERVICE
3306/tcp open  mysql

and in /etc/mysql/my.cnf I've set bind-address = 0.0.0.0

I've also run the following iptables rules:

iptables -A INPUT -i lo -p tcp --dport 3306 -j ACCEPT
iptables -A OUTPUT -o lo -p tcp --sport 3306 -j ACCEPT

What else can I check?

If there is some corporate network rule blocking my MySQL access, what could I check to find this?

The only way I can make this work is ssh tunnelling: 

ssh -L 8080:localhost:3306 my_user_name@my_dev_machine_IP

and then if I do

mysql -h 127.0.0.1 --port=8080 -u root -p

I can get in. If I close the ssh tunnel, then I can't log in via mysql, nor even via telnet remote_IP 3306.

But this is no good for what I want, because I need the PHP code running on my local machine to be able to access the remote database.

I've also (hopefully temporarily) opened up the access to the MySQL databases to all hosts/IP: 

GRANT ALL PRIVILEGES ON *.* TO 'application_username'@'%'
FLUSH PRIVILEGES

Any advice gratefully received!

Monkeybrain
  • 766
  • 5
  • 23

1 Answers1

0

Ubuntu has uwf - in some vps installations it is enabled by default. So, if it is, do sudo ufw allow 3306. I am writing this jsut in case you run nmap from your work machine. If nmap shows that result run from your mac, then this does not apply.

rollingBalls
  • 1,808
  • 1
  • 14
  • 25
  • Many thanks for this @rollingBalls - the ``sudo ufw allow 3306`` seems to have made a difference! I now get as far as ``ERROR 1045 (28000): Access denied for user 'root'@'192.FOO.BAR.BAZ' (using password: YES)``. Even when I log into MySQL on my Ubuntu box and set ``GRANT ALL PRIVILEGES ON *.* TO '%'@'%'``, I still get this error. Can it be something to do with my ISP setup? The IP address shown in that error message is not the same as I get from browsing to "whatismyip.com", although it does match what I see from the ``utun0`` portion of the ``ifconfig`` output on my home OSX machine. – Monkeybrain Oct 16 '15 at 17:28
  • Ah! I've just learned that the ``utun0`` data relates to my VPN connection. If that helps. – Monkeybrain Oct 16 '15 at 17:30