mysql在my.cnf的[client]部分填写user和password,且是明文的,容易导致密码泄露。
mysql5.6新功能增强了用户密码安全特性,让用户在不知道密码的情况下可以登录,使密码对第三方用户保密。
mysql_config_editor set --login-path=test(自定义的名字) --user=root --host=localhost --password
Enter password: (输入密码)登录测试:
mysql --login-path=test(对应上面设置的自定义名字)
用户密码被修改后,需要重新创建login-path。
mysql_config_editor print --all <span style="color: rgb(51, 51, 51); font-family: Arial; font-size: 14px; line-height: 26px;">查看.mylogin.cnf的内容</span>
[root@li994-180 tmp]# mysql_config_editor set --login-path=anquan --host=localhost --user=ljk --password ------
Enter password:
[root@li994-180 tmp]# mysql --login-path=anquan
ERROR 1045 (28000): Access denied for user 'ljk'@'localhost' (using password: YES)
[root@li994-180 tmp]#
[root@li994-180 tmp]# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.6.27 MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create user ljk@'localhost' identified by 'hello';
Query OK, 0 rows affected (0.01 sec)
mysql> exit
Bye
[root@li994-180 tmp]# mysql --login-path=anquan
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.6.27 MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> exit
Bye
[root@li994-180 tmp]# cd
[root@li994-180 ~]# file .mylogin.cnf <span style="color: rgb(102, 102, 102); font-family: 宋体, Arial; font-size: 16px; line-height: 26px;">mysql_config_edit 加密后的数据保存在用户主目录下</span>
.mylogin.cnf: data
[root@li994-180 ~]#
[root@li994-180 ~]# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 5.6.27 MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> create user lijingkuan@'localhost' identified by 'lijingkuan';
Query OK, 0 rows affected (0.00 sec)
mysql> exit
Bye
[root@li994-180 ~]# mysql_config_editor set --login-path=ceshi --host=localhost --user=lijingkuan --password
Enter password:
[root@li994-180 ~]# mysql --login-path=ceshi
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.6.27 MySQL Community Server (GPL)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> exit
Bye
[root@li994-180 ~]#
[root@li994-180 ~]#
[root@li994-180 ~]# mysql_config_editor print --all
[anquan]
user = ljk
password = *****
host = localhost
[ceshi]
user = lijingkuan
password = *****
host = localhost
[root@li994-180 ~]#
[root@li994-180 ~]#