Tell me more ×
Database Administrators Stack Exchange is a question and answer site for database professionals who wish to improve their database skills and learn from others in the community. It's 100% free, no registration required.
up vote 2 down vote favorite

I'm trying to connect to my database via SSH tunneling from one of our web app servers with MySQL Workbench. Here's the basic config; note that I changed some values in the screenshot for security reasons.

Workbench screenshot

The problem is every time I try to connect over an SSH tunnel from one of our app servers, I get the following error:

Failed to connect to us-east-1.amazonaws.com through SSH tunnel at computer.amazonaws.com with user social_shop_prod. Can't connect to MySQL server on 127.0.0.1.

However, if I use the same credentials over SSH via the following command line:

mysql -u social_shop_prod -h us-east-1.amazonaws.com -p

I can connect successfully and get the MySQL interactive command prompt.

Been talking with the rest of my development team here and none of us can figure out why I can't tunnel over SSH from our app servers with Workbench; but when I SSH to one of our app servers and connect to MySQL via the command line; I can connect successfully.

And why is it trying to connect over 127.0.0.1? I didn't specify that in the configuration; nor is my hosts file redirecting the domains shown below to that IP.

Any constructive input is greatly appreciated.

share|improve this question

2 Answers

up vote 1 down vote

Since you are connecting through a SSH tunnel, this means that the MySQL port 3306 from us-east-1.amazonaws.com is being opened locally on your computer. The ip address of your computer is 127.0.0.1 or localhost. When you connect to the mysql server on us-east-1.amazonaws.com, you're actually accessing it via 127.0.0.1, i.e. your computer. If you had another tunnel open, or MySQL running locally on your computer, then it may be that other MySQL server that's rejecting your authentication attempts

There are some tests you can try :

1. What ports is you Windows computer listening on

From a command prompt : netstat -a (lists all the ports that are open)

In linux it would be : netstat -tlpn

2. Basic connectivity test

From a DOS command prompt or linux console : telnet 127.0.0.1 3306

If you get a time out, or some other program responds then your tunnel isn't setup correctly.

3. Change the port number that MySQL Workbench is opening locally

We're assuming that MySQL workbench is creating the tunnel on your computer. If so, in MySQL workbench, try tunneling through another port number like 9000.

Make sure that 9000 wasn't listed as an open port from : netstat -a

If you have ssh access to us-east-1.amazonaws.com

4. Try connecting to MySQL from us-east-1.amazonaws.com

mysql -u myuser -h 127.0.0.1 -p

And as Rolando said, you'll want to verify that you are connecting with the right credentials. For example, if you are connecting as [email protected] and you have a user myuser without a host, you probably won't be able to connect using [email protected].

share|improve this answer
up vote 0 down vote

The reason that 127.0.0.1 is being contacted is because the tunnel connects a port on your local machine to the remote host. The message seems to suggest that an SSH connection is not being made.

Try this from the command line:

ssh -L 33000:remotehost:3306 user@remotehost

Make sure that SSH is allowing forwarded ports; if you get a message that states the forward was not permitted or was refused, then that is why.

To fix this, you'd have to change the server configuration; add this configuration to the SSH server:

AllowTcpForwarding yes

Don't forget to restart the server to activate this configuration.

share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.