Re: puTTy: Coonection reset by peer

Richard E. Silverman wrote:


Has anyone in any of these groups had this same problem with an ISP
that blocks port 3306????? I'm always getting a "connection reset by
peer" error when trying to connect to the offending ISP?
Are there any other ssh clients that I could use where I might actually
have a successful connection?

Home System: Windows XP Home
puTTy version: 0.58

Event Log:
Looking up website.com
Connecting to 24.229.1.5 (not a real IP address, just part of the
example)
Failed to connect to 24.229.1.5
Network Error: Connection reset by peer.

Your problem has nothing to do with "port 3306," or anything with your
port forwarding setup at all. The initial TCP connection to the server,
over which SSH would run, is either being refused or closed immediately
after opening. The first suggests that the server is not running SSH (or
it's firewalled off); the second, that the server is using libwrap and
your source address is not allowed.

- Richard

I'd agree with that.

GGG,

You should go into your ISP control panel and look at your ssh/ssl options.

On both of my hosts ssh was disabled by default. So I just had to go in and
enable it. I use putty too by the way, it is what I use to access my
servers from users computers. But for day to day you would find that an
'ssh -l username yourhost' from a Linux command line is easier, plus they
are no term problems because you generally have the same term settings on
the host as you have local, if not though the host will certainly emmulate
at least one of the main terms in use today.

Enabling the ssh may be all you need to do for your putty access.

If you need to go further, in the ssl section yours will hopefully give you
key creating options. Where you can take a copy of the public key, and
create ca's for your user or one just for your application.

As for special ports for MySQL that is a tricky area. But it might also have
an easy answer.

First, when you created the user/s that your MySQL application uses, which
connection did you give them? You might have only given local access.
Remember when you first setup MySQL you create two user access points for
the root or admin user like this,

mysqladmin -u root password 'yourpassword'
mysqladmin -u root hostname.com password 'yourpassword'

The difference is that the first is localhost access and the second is from
port. In your application, since all of it's access to the data is
localhost then you may not have created the second access via the url.

Generally in a database you create,

admin or root -> All access, use localhost and remote host. Though some,
including myself, reduce this to localhost only unless for some reason I
have to do my admin remotely, rather than ssh'ing in first.

application user -> nearly always is localhost only. If someone does manage
to grab a copy of your code then they will not get access to the data
because the code's user does not have a login via a remote host. There are
occasions when this isn't true, and yours may be one of those.

Then none or many users -> with various access rights.

So I would look using what ever you use to administer your MySQL and check
the username that you use for this can actually come in from a remote host.

I just re-read your post and think you have two different questions on this.
One being user access and the other being updates between your local and
remote copy of your MySQL databases.

Some ISPs lock down on these access ports because of cause everyone knows
the numbers and every hacker will have a go. But with the access rights
given as I said above, then the only danger is a remote user that has full
rights. Unfortunately some users have tried to use their root access to
MySQL for remote updates, even for day to day work, when it would be more
correct to use an admin like access to the database, who only has enough
rights to do the remote updates. Or better still, pull the updates local as
in sftp then perform the update using a localhost root only.


.

Relevant Pages

  • Re: Using Remote Desktop From an SBS Domain
    ... Right click My Network Places...Properties. ... computer that is on a remote network now. ... Internet connection, bypassing my SBS/ISA network all together. ... the port number you connect to from 80 to a port of your ...
    (microsoft.public.windows.server.sbs)
  • Re: Remote Web Workplace - Cannot Connect to Server Desktop, but can use outlook web access, tim
    ... You should absolutely close PORT 80 ... I had setup the services on the router but I hadn't then inserted them into the firewall rules set. ... Download Connection Manager, ... VBSCript: Remote Desktop Disconnected ...
    (microsoft.public.windows.server.sbs)
  • Re: MySQL/PHPMyAdmin on FC3 Connection Problem
    ... You say you opened the port 3306, ... that means that mysql is running and listening. ... If you had connection, then now try to access your mysql server from outside ... If you cannot connect on localhost, then please check that mysql is running ...
    (Fedora)
  • Re: ISA Rule for Remote Desktop?
    ... receives a connection on port 4125, it first compares the IP that sent the ... the remote PC is blocking 4125. ... logging interface in ISA to port 4125 when I attempt to do Remote Desktop ...
    (microsoft.public.windows.server.sbs)
  • Re: Can not get Remote Connection Working on XP Pro
    ... TCP Port 80 is used by IIS if you want to use the web based Remote Desktop ... I could not make a connection from the outside. ... > my linksys router. ...
    (microsoft.public.windowsxp.work_remotely)