mysql远程访问的设置

第一步: 激活网络设置
你需要编辑mysql配置文件my.cnf.
通常状况,my.cnf放置于在以下目录:
/etc/mysql/my.cnf (Debian linux)
/etc/my.cnf (Red Hat Linux/Fedora Linux)
/var/db/mysql/my.cnf (FreeBSD)
然后用vi编辑my.cnf,修改内容从以下行:
[mysqld]
你所需要:
1. 确保skip-networking被删除或者屏蔽,否则不支持TCP/IP 访问
2. 增加行bind-address = 65.55.55.2,替代65.55.55.2 为你的服务器地址
修改后,配置为:
[mysqld]
user = mysql
pid-file = /var/run/mysqld/mysqld.pid
socket = /var/run/mysqld/mysqld.sock
port = 3306
basedir = /usr
datadir = /var/lib/mysql
tmpdir = /tmp
language = /usr/share/mysql/English
bind-address = 65.55.55.2
# skip-networking
....
..
保存并关闭配置文件
重启mysql服务器:# /etc/init.d/mysql restart

第二步: 授权
方法一:
例如,你想myuser使用mypassword从任何主机连接到mysql服务器的话。
GRANT ALL PRIVILEGES ON *.* TO myuser@'%' IDENTIFIED BY 'mypassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
如果你想允许用户myuser从ip为192.168.1.6的主机连接到mysql服务器,并使用mypassword作为密码
GRANT ALL PRIVILEGES ON *.* TO 'myuser'@'192.168.1.3' IDENTIFIED BY 'mypassword' WITH GRANT OPTION;
FLUSH PRIVILEGES;
#################################
开启Mysql数据库的远程连接权限:
grant all privileges on *.* to 'root' @'%' identified by 'wrx123';
flush privileges;

方法二:

use mysql;

update user set host = '%' where user = '用户名'; (如果写成 host=localhost 那此用户就不具有远程访问权限)

FLUSH PRIVILEGES;



第三步: 配置防火墙

如果系统装有防火墙iptables,得设置下

修改防火墙配置文件:
vi /etc/sysconfig/iptables
增加下面一行:
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT
如果想开通21等端口,只需要将3306换成21等要开放的端口就可以了。
附:iptables
==============================================
# Firewall configuration written by system-config-securitylevel
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp –icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp –dport 5353 -d 224.0.0.251 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp –dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 21 -j ACCEPT
-A RH-Firewall-1-INPUT -m state –state NEW -m tcp -p tcp –dport 3306 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT –reject-with icmp-host-prohibited
COMMIT

================================================
配置后,重新启动 iptable

service iptables restart

这时就可以从外网访问Mysql了。

第四步 测试
From remote system type command:
$ mysql -u webadmin –h 65.55.55.2 –p

 

 

 

 

对于授权的一些方法:

///////////////////////////////////////////////////////////////////////////////////////////////////////////////////

mysql默认root用户没有密码,输入mysql –u root 进入mysql

1、初始化root密码

进入mysql数据库
?1 mysql>update user set password=PASSWORD(‘123456’) where User='root';


2、允许mysql远程访问,可以使用以下三种方式:

a、改表。
?1
2
3
4 mysql -u root –p
mysql>use mysql;
mysql>update user set host = '%' where user = 'root';
mysql>select host, user from user;


b、授权。

例如,你想root使用123456从任何主机连接到mysql服务器。
?1 mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '123456' WITH GRANT OPTION;


如果你想允许用户jack从ip为10.10.50.127的主机连接到mysql服务器,并使用654321作为密码
?1
2 mysql>GRANT ALL PRIVILEGES ON *.* TO 'jack'@’10.10.50.127’ IDENTIFIED BY '654321' WITH GRANT OPTION;
mysql>FLUSH RIVILEGES


c:在安装mysql的机器上运行:
?1
2
3
4
5
6
7
8 //进入MySQL服务器
d:\mysql\bin\>mysql -h localhost -u root
//赋予任何主机访问数据的权限
mysql>GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION
//使修改生效
mysql>FLUSH PRIVILEGES
//退出MySQL服务器
mysql>EXIT

你可能感兴趣的:(mysql,防火墙)