Navicat 连接阿里云上MySQL报 2059 - authentication plugin 'caching_sha2_password' ..... 解决方法
MySQL :80
错误原因:MySQL新版本(8以上版本)的用户登录账户加密方式是【caching_sha2_password】,Navicat不支持这种用户登录账户加密方式。
1、连接报错
2、登录到mysql,云上的服务器也一样
3、先查看一下加密的方式
show variables like 'default_authentication_plugin';
4、查看本地mysql用户的信息
select host,user,plugin from mysql.user;
可以看到root账户的加密方式是caching_sha2_password;
5、Navicat不支持MySQL新版本的这种用户登录账户加密方式,所以下面我们要修改root账户的加密方式为【mysql_native_password】,如图所示,输入:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '123456';
6、最后,再重新打开Navicat连接MySQL,就可以成功用root账户连接了。
6.1、配置阿里云服务器安全组规则:
6.2、配置外网连接授权:
#选择mysql数据库
use mysql;
#修改root 用户的连接地址现在 localhost 为本机 也可指定固定ip 此处 % 开启所有ip访问
update user set host='%' where user='root';
#刷新权限
flush privileges;
6.3、测试连接
遇到问题:
1、ERROR 1396 (HY000): Operation ALTER USER failed for 'root'@'localhost':
原因: 数据库 user 配置的host 是%,你使用'root'@'localhost' 连不上。
1.1、先登录mysql
mysql -u root -p
1.2、输入密码
mysql> use mysql;
mysql> select user,host from user;
+------------------+-----------+
| user | host |
+------------------+-----------+
| root | % |
| admin | localhost |
| mysql.infoschema | localhost |
| mysql.session | localhost |
| mysql.sys | localhost |
| zhangj | localhost |
+------------------+-----------+
你可能执行的是:
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY '123';
改成:
ALTER USER 'root'@'%' IDENTIFIED WITH mysql_native_password BY '123';
2、MySQL重置登录密码的问题
2.1、查看初始密码,用于第一次登录MySQL
grep "A temporary password" /var/log/mysqld.log
2.2、安装完mysql-server 运行mysql_secure_installation,进行初始化密码
--为root用户设置密码
--删除匿名账号
--取消root用户远程登录
--删除test库和对test库的访问权限
--刷新授权表使修改生效
通过这几项的设置能够提高mysql库的安全。
建议生产环境中mysql安装这完成后一定要运行一次mysql_secure_installation,相关操作如下:
[root@localhost ~]# mysql_secure_installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):<–初次运行直接回车
OK, successfully used password, moving on…
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
Set root password? [Y/n] #是否设置root用户密码,输入y并回车或直接回车
New password: #设置root用户的密码
Re-enter new password: #再输入一次你设置的密码
Password updated successfully!
Reloading privilege tables..
… Success!
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? [Y/n] #是否删除匿名用户,生产环境建议删除,所以直接回车
… Success!
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] #是否禁止root远程登录,根据自己的需求选择Y/n并回车,建议禁止
… Success!
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] #是否删除test数据库,直接回车
- Dropping test database…
… Success!
- Removing privileges on test database…
… Success!
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] #是否重新加载权限表,直接回车
… Success!
Cleaning up…
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
[root@localhost ~]#
小结:
1、打开MySQL 命令行客户端;
2、输入自己安装MySQL时设置的密码,登录客户端;
3、查看一下加密的方式;
4、查看本地mysql用户的信息;
5、修改root账户的加密方式为【mysql_native_password】;
6、重新打开Navicat连接MySQL即可。