Having an issue with some MySQL clients, but not others, being unable to remote login

I have a MySQL database that will allow some clients to login remotely and not others.

When I say “clients”, I mean “Linux computers”.

If I, on my workstation, use Windows Subsystem for Linux’s mariadb-client package to attempt to connect to the remote mysql server (running MariaDB) with the following command, it works fine:

mysql -u user -p -h 10.0.0.250

With the same command on other clients, it doesn’t work. I get this error:

ERROR 2003 (HY000): Can’t connect to MySQL server on ‘10.0.0.250’ (111)

The password is dead-simple, and the error for a bad password is different AFAIK.

The server is configured to listen on all interfaces, publish port 3306, firewalld is disabled and iptables is not installed.

The user has permissions to access every table, and is allowed to remote in from any IP. This all done for testing purposes.

The config file for mariadb /etc/my.cnf doesn’t have skip-networking since I can login.

What would cause this? What is required for a client to be able to connect to a remote mysql database that would be client specific? They’re all on the same Subnet and IP Range.

Any outbound firewall rules on the clients?

Also, maybe try specifying the port from the client, even though it’s on the default port.

So as it turns out, there was a misconfiguration on the PRIVILEGES table.

Somehow the user was added with all privileges, but also was added as privileges to a specific database but with no password specified.

Removing this privilege fixed the issue.

Edit:

The issue resurfaced in that the remote server that needed to login to the MySQL server kept getting a Connection Refused error.

Every other client could connect, but that one wouldn’t.

Turns out we had to whitelist the IP Address on the client for it to connect. How or why, I have no idea. I always thought Outbound traffic was all whitelisted unless explicitly blacklisted on firewalls.

3 Likes