Sequel Pro to remote MySQL access permissions

[John Lockwood]

I have installed MySQL server 5.5 in to an Ubuntu virtual machine and successfully configured it to allow network connections and also configured it for SSL. The same Ubuntu machine also has SSH enabled.

I am able to connect from the same Mac running Sequel Pro in Terminal via SSH, I am able to connect from Sequel Pro to MySQL either via a standard network connect direct to MySQL or via SSH. I have successfully used ssh_keygen to generate a private SSH key this works for Terminal and it appears Sequel Pro.

Tip: As the username used in OS X is different to the username used in Ubuntu I found that just entering the FQDN of the SSH/MySQL server field of Sequel Pro was not sufficient but entering the Ubuntu username like this user...@ubuntu.domain.com in the SSH server field solved this.

At this stage I have not created any MySQL databases. I would like initially to use Sequel Pro to view and/or modify user accounts in MySQL. However when I try this I get the following error.

'Unable to get list of users

An error occurred while trying to get the list of users.

Please make sure  you have the necessary privileges

to perform user management, including access to

the mysql.user table.'

I am using the 'root' account to login to MySQL.

What do I need to do to fix this?

PS. The Sequel Pro 1.0.2 software seems to show it supports using SSL connections (not to be confused with SSH) but the documentation on www.sequelpro.com says this is not yet supported. Is the documentation out of date?

[John Lockwood]

Solved the problem, I had set the MySQL server to bind to the official network address of the MySQL server, this was when I was testing normal network MySQL connections (successfully) and SSL network MySQL connections (unsuccessfully). However because when you are using and SSH tunnel you then are doing a local connection as far as the MySQL server is concerned it rejected the connection because the local address was not authorised - only the network address was.

For the moment I have got round this by using the bind value of 0.0.0.0 to allow any address, but once I have finished testing and setting things up I will switch to only allowing the local address to connect which will still allow SSH tunnelled connections.

I am now using SSH because despite a valid SSL certificate I just cannot get SSL connections to work.