MySQL Remote Access Documentation
This guide covers setting up MySQL for remote access on Linux, including creating users, granting privileges, firewall setup, and testing.
Install MySQL
# Update packages
sudo apt update
# Install MySQL server
sudo apt install mysql-server -y
sudo apt update
# Install MySQL server
sudo apt install mysql-server -y
Check MySQL Version
mysql --version
Create Remote MySQL User
# Log in as root
sudo mysql -u root -p
# Create user (replace USER, PASSWORD, and IP)
CREATE USER 'remoteuser'@'192.168.1.50' IDENTIFIED BY 'StrongPassword';
# Or allow any IP (less secure)
CREATE USER 'remoteuser'@'%' IDENTIFIED BY 'StrongPassword';
sudo mysql -u root -p
# Create user (replace USER, PASSWORD, and IP)
CREATE USER 'remoteuser'@'192.168.1.50' IDENTIFIED BY 'StrongPassword';
# Or allow any IP (less secure)
CREATE USER 'remoteuser'@'%' IDENTIFIED BY 'StrongPassword';
Grant Privileges
GRANT ALL PRIVILEGES ON database_name.* TO 'remoteuser'@'192.168.1.50';
GRANT ALL PRIVILEGES ON database_name.* TO 'remoteuser'@'%'; # For wildcard access
GRANT ALL PRIVILEGES ON database_name.* TO 'remoteuser'@'%'; # For wildcard access
Apply Privileges
FLUSH PRIVILEGES;
Edit bind-address
# Edit MySQL config
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
# Find and change:
bind-address = 0.0.0.0 # 0.0.0.0 allows all interfaces
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf
# Find and change:
bind-address = 0.0.0.0 # 0.0.0.0 allows all interfaces
Optional: my.cnf Firewall & Network
# Make sure skip-networking is disabled
skip-networking = 0
skip-networking = 0
Allow MySQL in UFW
sudo ufw allow 3306/tcp
sudo ufw reload
sudo ufw reload
Port & IP Restrictions
# Allow only specific IP
sudo ufw allow from 192.168.1.50 to any port 3306
# Allow from subnet
sudo ufw allow from 192.168.1.0/24 to any port 3306
sudo ufw allow from 192.168.1.50 to any port 3306
# Allow from subnet
sudo ufw allow from 192.168.1.0/24 to any port 3306
Security Tips
# Use strong passwords for all MySQL users
# Avoid '%' wildcard unless necessary
# Consider VPN or SSH tunnel for public servers
# Do not expose MySQL directly to the internet
# Avoid '%' wildcard unless necessary
# Consider VPN or SSH tunnel for public servers
# Do not expose MySQL directly to the internet
Test Remote Connection
# From remote Linux machine
mysql -u remoteuser -p -h SERVER_IP
# From Windows using MySQL Workbench
Hostname: SERVER_IP
Username: remoteuser
Password: StrongPassword
mysql -u remoteuser -p -h SERVER_IP
# From Windows using MySQL Workbench
Hostname: SERVER_IP
Username: remoteuser
Password: StrongPassword
Check MySQL Logs
sudo tail -f /var/log/mysql/error.log
sudo tail -f /var/log/mysql/mysql.log
sudo tail -f /var/log/mysql/mysql.log