DUDE! THANK YOU SO MUCH! I have been scouring the net for this! I could not figure out why the heck I could not connect to mysql remotely. I tried EVERYTHING (opening ports, re-install mysql, etc).

Really, THANK YOU!

There's good info in this thread but unfortunately it did not help me. Reason being is that I am hosting on godaddy.com and they don't allow you to connect to your MySQL DB remotely.

http://help.godaddy.com/article.php?...4&topic_id=67&

So can anyone recommend me a good hosting service that does allow remote DB access?

I'm having the same problem.

I have reviewed all the previous messages and we're OK. (no skip networking, default port 3360, no firewall, local connections work noproblem.)

Were are running :

Red Hat Enterprise Linux ES release 3 (Taroon Update 8)
Kernel 2.4.21-47.ELsmp on an i686

Your MySQL connection id is 13 to server version: 5.0.24-standard-log

When I connect via mysql -h option I get:

$ mysql -unbps2 -pnbps2 nbps2 -h machine.domain.com
ERROR 2003 (HY000): Can't connect to MySQL server on 'machine.domain.com' (111)

When I add the port number to the command line I get:

$ mysql -unbps2 -pnbps2 nbps2 -h machine.domain.com -P3306
ERROR 1045 (28000): Access denied for user 'nbps2'@'machine' (using password: YES)

We have recently upgraded to MySQL 5 from 3.23.58.

Thanks for any help.

Greg

All,

I solved the "Cannot connect" problem. I needed to edit the /etc/services file. I'm not sure what it's used for, but there were lines in it changing the default port:

mysql 1034/tcp # MySQL
mysql 1034/udp # MySQL

From what I gather it seems as though the client checks it if no port is specified on the command line.

On to access denied.

Greg

OK, I got the "access denied" issue solved.

From the research I've done, the reverse DNS lookup is not returning a string which matches the hostname. Since the reverse look up resolves to "LocalMachine.Domain.com" and the hostname is "LocalMachine", they don't match. "LocalMachine.Domain.com" doesn't even match the host '%'.

The key is in the error message If you try to connect:
mysql -unbps2 -pnbps2 -h RemoteMachineName.domain.com
and get the error message:
ERROR 1045 (28000): Access denied for user 'nbps2'@'LocalMachineName' (using password: YES)

you see that the server you tried to connect to is different from the servername in the error message.

Editing the etc/my.cnf file with:

[mysqld]
skip-name-resolve

fixes the problem. It also speeds up the DB interaction.

Why now and not with MySQL 3 (from which we migrated)? I can only assume MySQL 5 is stricter.

Note: Yes; I know '%' is unsecure and adding skip-name-resolve is even more unsecure. I think we're OK since all DB access is done via canned queries in PHP apps.

Greg

Huh? Just because your PHP application is the only thing you access MySQL with doesn't mean it's the only way anyone can access MySQL. If you bind it to your public network interface, anyone can access it. Also, are you certain your PHP apps are written absolutely tightly and are not vulnerable to SQL injections? You could be one skiddie away from a trashed database.

Listen: There is a reason why later version of MySQL and recent Linux distributions lock it down so much by default: It was previously very unsafe and very easy to exploit! Essentially what you are all doing is removing all the security and making it exploitable again.

It's already been said once in this thread, but here's the solution: Use a VPN or SSH tunnel to access to box, then access MySQL locally without needing to bind it to external network interfaces. Yes, this will even allow you to access it with the GUI tools from your desktop. You just need to setup a port-forwarded ssh connection to your database server and tell your GUI client to connect to the local port on your machine (the local side of the ssh port-forward).

Stop trying to defeat security that is there for a good reason. You should be working hard to find a secure alternative to what you're trying to do, instead of working heard to defeat the security.