不允许主机 'xxx.xx.xxx.xxx' 连接到此 MySQL 服务器
这应该非常简单,但我无法让它在我的生活中发挥作用.
我只是想远程连接到我的 MySQL 服务器.
This should be dead simple, but I cannot get it to work for the life of me.
I'm just trying to connect remotely to my MySQL server.
- 连接方式:
mysql -u root -h localhost -p
- 工作正常,但正在尝试:
mysql -u root -h 'any ip address here' -p
- 因错误而失败:
ERROR 1130 (00000): Host ''xxx.xx.xxx.xxx'' is not allowed to connect to this MySQL server
在 mysql.user
表中,主机为 'localhost' 的用户 'root' 和主机为 '%' 的用户的条目完全相同.
In the mysql.user
table, there is exactly the same entry for user 'root' with host 'localhost' as another with host '%'.
我不知所措,不知道如何继续.欢迎提出任何想法.
I'm at my wits' end and have no idea how to proceed. Any ideas are welcome.
推荐答案
可能是一种安全预防措施.您可以尝试添加一个新的管理员帐户:
Possibly a security precaution. You could try adding a new administrator account:
mysql> CREATE USER 'monty'@'localhost' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'localhost'
-> WITH GRANT OPTION;
mysql> CREATE USER 'monty'@'%' IDENTIFIED BY 'some_pass';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'monty'@'%'
-> WITH GRANT OPTION;
尽管 Pascal 和其他人已经指出,让具有这种访问权限的用户对任何 IP 开放并不是一个好主意.如果您需要管理用户,请使用 root,并将其保留在 localhost 上.对于任何其他操作,请准确指定您需要的权限,并按照 Pascal 在下面的建议限制用户的可访问性.
Although as Pascal and others have noted it's not a great idea to have a user with this kind of access open to any IP. If you need an administrative user, use root, and leave it on localhost. For any other action specify exactly the privileges you need and limit the accessibility of the user as Pascal has suggest below.
来自 MySQL 常见问题:
From the MySQL FAQ:
如果你不明白为什么你会得到访问被拒绝,从用户中删除表所有具有主机的条目包含通配符的值(条目包含 '%' 或 '_' 字符).一种很常见的错误是插入一个新的带有 Host='%' 和的条目User='some_user',认为这个允许您指定 localhost从同一台机器连接.这这不起作用的原因是默认权限包括带有 Host='localhost' 和的条目用户=''.因为该条目有一个 Host值 'localhost' 是更多特定于 '%',它用于优先考虑新条目时从本地主机连接!正确的程序是插入第二个条目与 Host='localhost' 和User='some_user',或者删除带有 Host='localhost' 和的条目用户=''.删除条目后,记得发出 FLUSH PRIVILEGES语句来重新加载授权表.另见第 5.4.4 节,访问控制,阶段 1:连接验证".
If you cannot figure out why you get Access denied, remove from the user table all entries that have Host values containing wildcards (entries that contain '%' or '_' characters). A very common error is to insert a new entry with Host='%' and User='some_user', thinking that this allows you to specify localhost to connect from the same machine. The reason that this does not work is that the default privileges include an entry with Host='localhost' and User=''. Because that entry has a Host value 'localhost' that is more specific than '%', it is used in preference to the new entry when connecting from localhost! The correct procedure is to insert a second entry with Host='localhost' and User='some_user', or to delete the entry with Host='localhost' and User=''. After deleting the entry, remember to issue a FLUSH PRIVILEGES statement to reload the grant tables. See also Section 5.4.4, "Access Control, Stage 1: Connection Verification".
相关文章