问题
I have spent all day trying to solve this. The thing I want to do is that: I have a MYSQL server, namely A with CentOS 7, in a private network, cannot be NAT or connected to VPN. Now I want to access this server from a remote machine, namely B with CentOS 6. I have ssh access to machine B remotely, and ssh access to machine A locally.
This approach I tried is to use SSH tunneling. On machine A terminal:
ssh -R 9001:localhost:3306 user@B
Then on B, I tried
mysql --port=9001 -u root -p
which gives
ERROR 2003 (HY000): Can't connect to MySQL server on 'mysql-server-1' (113)
Firstly I though it could be firewall or privileges, but then I connected A to public network physically with address, say C, which is a different network from B, and I can simpy use from B straight away
mysql -hC -u root -p
and it works without any problem.
Back to tunneling, I tried to telnet after SSH tunneling from A to B
ssh -R 9001:localhost:3306 user@B
telnet localhost 9001
which gives me
Trying ::1...
Connected to localhost.
Escape character is '^]'.
V
5.5.44-MariaDB-log)Gjb+N'u��;cbDkng;1!RXmysql_native_passwordConnection closed by foreign host.
-bash-4.1$
which seems to be something good, but I get the 2003 ERROR anyway.
Any thought of this? Maybe there is another work around to this problem?
P.S. I have tested all answer I could find, and the SSH tunnel works well with socket of other programs.
回答1:
make sure that the IP address of your local machine, from which you are trying to access mysql through VPN has privileges to access the database.
mysql> select host,user,password from mysql.user;
+------+------+-------------------------------------------+
| host | user | password |
+------+------+-------------------------------------------+
| % | abcd | *9B3E7610FB431631340BD618E58D49DF1928A251 |
| % | sync | *1747319F3F87039C382597515F8742920D9B75D1 |
| % | root | *FAAFFE644E901CFAFAEC7562415E5FAEC243B8B2 |
+------+------+-------------------------------------------+
Make sure that there is an entry for the ip address of local machine for the user through which you are logging in. You can also use % in the host field. % denotes all users.
You can add privileges through the following command
mysql> grant all on *.* to 'root'@'%' identified by <password>.
mysql> flush privileges
来源:https://stackoverflow.com/questions/36075336/mysql-error-2003-hy000-113-in-ssh-remote-tunneling-but-telnet-from-ssh-tunn