Follow the commands below to setup a new user and open up for remote access to a specific database on your MySQL server.
$ mysql -u root -p Enter your MySQL root password. mysql> CREATE USER 'itdb_admin'; mysql> CREATE DATABASE itdb_db; mysql> GRANT ALL PRIVILEGES ON itdb_db.* to 'itdb_admin'@'%' IDENTIFIED BY 'my-password' WITH GRANT OPTION; mysql> FLUSH PRIVILEGES; mysql> EXIT; $ sudo nano /etc/mysql/my.cnf Comment the following line by setting a # in front (to disable it): bind-address = 127.0.0.1 $ sudo service mysql restart
1) Open the MySQL CLI 2) Create a new database 3) Create a new user 4) Give the user full access to the database. Notice the '%' which means we’re talking about remote access. The same user can have different access levels based on the connection (whether it’s remote or local) 5) Flush/refresh the privileges so they become active 6) Disable bind-address so the MySQL server will listen on any source address 7) Restart the MySQL service to reload the config file
Scenario: I’m remote controlling a colleague’s computer to assist with some software issues. After fixing one of them the computer needed a restart, but the other issue required some more troubleshooting so I disconnected from his computer and proceeded to excersise some Google Fu.
Fast forward a few minutes.
I see he still hasn’t rebooted his computer like he said he would, so I ask him:
Me: I found a solution, would you like me to remote in to your PC now or are you going to restart first?
Me (thinking): Well, wtf do I do now
Here’s a quick example for setting up reverse SSH tunnels on clients which can be controlled via the server from anywhere. This example presumes all the client computers has some sort of unique ID/hostname, like 9001, 9002, 9003, 9004 etc. Let’s say we have 10 clients stuck behind a firewall we’d like to access.
Start the SSH server on all clients like this:
ssh -R 1xxxx:localhost:22 email@example.com // replace xxxx with this client's unique id
Now we have all our clients setup with a reversed ssh tunnel.
If we’d like to ssh into id 9003 we run the following command from the server:
ssh user@localhost -p 19003
Lets ssh into 9005 instead:
ssh user@localhost -p 19005
Replace user with a local user on the client machine.
I want to ssh into my Raspberry Pi. Local username is pi.
Step 1 – setup reverse ssh tunnel on the raspberry: ssh -R 19999:localhost:22 firstname.lastname@example.org
Step 2 – from my “it-db.com” server I run the following command: ssh pi@localhost -p 19999