[CentOS] Connect to MySQL monitor on another host in the LAN ?

Les Mikesell lesmikesell at gmail.com
Tue Mar 23 17:19:50 UTC 2010

On 3/23/2010 10:56 AM, Niki Kovacs wrote:
> Hi,
> I'm running a medical application on a local network, using MySQL as a
> database. The application can also connect to remote hosts, so the idea
> is to install it on one machine acting as a "server", and then install
> it on the other machines on the LAN, but configure these to use the
> database on the "server". I guess before doing that, I'll better try and
> get comfortable with connecting remotely using the MySQL monitor itself,
> that is, without any application or some other frontend.
> Up until now, I've only configured MySQL in two situations. Either on
> standalone desktop workstations, or on a web server (LAMP).
> After installing MySQL (yum install mysql-server), the default setup has
> a few accounts without any password. First thing I usually do (correct
> me if this is wrong) is clean up these accounts and only keep one main
> root at localhost account.

Depending on the application, you'd usually want to create one or many 
users for each application with privileges limited to that application's 
database and only use the root account to create the new database(s) and 
manage users.  If it is a web app or something similar where individual 
users don't connect directly to the database you'd have one user in 
mysql for that app and a matching config in the web server.  If 
individual desktop clients will connect, you may want individual users 
in mysql for each connection so you can control the access levels for 
each one individually.

> Now what would be an orthodox (and somewhat secure) configuration to be
> able to connect to this MySQL server on 'raymonde' from another machine
> in the LAN ? Do I have to (re)create a root at raymonde MySQL account and
> eventually give it the same password than root at localhost ?

The @host is where the client is coming from, not the server name.  If 
you don't care where each client originates you can say 'user@%'.

   Les Mikesell
    lesmikesell at gmail.com

More information about the CentOS mailing list