mysql - 主机“ xxx.xx.xxx.xxx”不允许连接到该MySQL服务器(Host 'xxx.xx.xxx.xxx' is not allowed to connect to this MySQL server)

Question

This should be dead simple, but I cannot get it to work for the life of me.

(这本来应该很简单，但是我无法让它在我的一生中发挥作用。)
I'm just trying to connect remotely to my MySQL server.

(我只是想远程连接到我的MySQL服务器。)

connecting as

(连接为)

mysql -u root -h localhost -p  

works fine, but trying

(工作正常，但尝试)

mysql -u root -h 'any ip address here' -p

fails with the error

(失败并显示错误)

ERROR 1130 (00000): Host ''xxx.xx.xxx.xxx'' is not allowed to connect to this MySQL server

In the mysql.user table, there is exactly the same entry for user 'root' with host 'localhost' as another with host '%'.

(在mysql.user表中，具有主机“ localhost”的用户“ root”与具有主机“％”的另一个用户的条目完全相同。)

I'm at my wits' end, and have no idea how to proceed.

(我处于机智，不知道如何进行。)

Any ideas are welcome.

(任何想法都欢迎。)

  ask by concept47 translate from so

Answer 1

Possibly a security precaution.

(可能是安全预防措施。)

You could try adding a new administrator account:

(您可以尝试添加新的管理员帐户：)

mysql> CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost'
    ->     WITH GRANT OPTION;
mysql> CREATE USER 'monty'@'%' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'%'
    ->     WITH GRANT OPTION;

Although as Pascal and others have noted it's not a great idea to have a user with this kind of access open to any IP.

(尽管正如Pascal和其他人所指出的那样，让具有这种访问权限的用户可以访问任何IP并不是一个好主意。)

If you need an administrative user, use root, and leave it on localhost.

(如果需要管理用户，请使用root，并将其保留在localhost上。)

For any other action specify exactly the privileges you need and limit the accessibility of the user as Pascal has suggest below.

(对于任何其他操作，请准确指定所需的特权，并按照Pascal的建议限制用户的可访问性。)

Edit:

(编辑：)

From the MySQL FAQ:

(从MySQL常见问题解答：)

If you cannot figure out why you get Access denied, remove from the user table all entries that have Host values containing wildcards (entries that contain '%' or '_' characters).

(如果无法弄清为什么拒绝访问，请从用户表中删除所有具有包含通配符的主机值的条目（包含“％”或“ _”字符的条目）。)

A very common error is to insert a new entry with Host='%' and User='some_user', thinking that this allows you to specify localhost to connect from the same machine.

(一个非常常见的错误是使用Host ='％'和User ='some_user'插入一个新条目，以为您可以指定本地主机从同一台计算机进行连接。)

The reason that this does not work is that the default privileges include an entry with Host='localhost' and User=''.

(之所以不起作用，是因为默认特权包括Host ='localhost'和User =''的条目。)

Because that entry has a Host value 'localhost' that is more specific than '%', it is used in preference to the new entry when connecting from localhost!

(由于该条目的主机值'localhost'比'％'更具体，因此从localhost连接时，它优先于新条目使用！)

The correct procedure is to insert a second entry with Host='localhost' and User='some_user', or to delete the entry with Host='localhost' and User=''.

(正确的过程是插入第二个具有Host ='localhost'和User ='some_user'的条目，或删除具有Host ='localhost'和User =''的条目。)

After deleting the entry, remember to issue a FLUSH PRIVILEGES statement to reload the grant tables.

(删除条目后，请记住发出FLUSH PRIVILEGES语句以重新加载授权表。)

See also Section 5.4.4, “Access Control, Stage 1: Connection Verification”.

(另请参见第5.4.4节“访问控制，阶段1：连接验证”。)