安装MySQL
通过Homebrew安装,执行brew install mysql即可。
安装完成后会显示Caveats警告,如下所示:
1
2
3
4
5
6
7
8
9
10
11
12We've installed your MySQL database without a root password. To secure it run:
mysql_secure_installation
MySQL is configured to only allow connections from localhost by default
To connect run:
mysql -uroot
To have launchd start mysql now and restart at login:
brew services start mysql
Or, if you don't want/need a background service you can just run:
mysql.server start
我们可以根据提示进行简单的配置。
安全设置向导mysql_secure_installation
使用brew命令安装完mysql后,根据提示我们可以知道当前root是没有密码的,我们可以通过执行mysql_secure_installation命令来进行安全设置。
同时这种方法也同样可以用来解决使用mysql -u root -p登录时的Access denied问题。
首先执行命令mysql_secure_installation,会出现如下的错误:
1Error: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)
当前/tmp/ 目录下并没有mysql.sock这个文档,它在mysql服务启动时才会创建,所以需要提前执行mysql.server start命令。提示如下:
1
2Starting MySQL
. SUCCESS!
这时候就可以正常执行mysql_secure_installation命令了。
建立密码验证插件
1
2
3
4
5
6
7Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD PLUGIN can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD plugin?
Press y|Y for Yes, any other key for No: y
选择密码规则
1
2
3
4
5
6
7
8
9
10
11
12
13
14There are three levels of password validation policy:
LOW Length >= 8
#长度大于等于8
MEDIUM Length >= 8, numeric, mixed case, and special characters
#长度大于等于8,数字、大小写字母、特殊符号
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
#长度大于等于8,数字、大小写字母、特殊符号和字典文档(慎选!)
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1
Please set the password for root here.
New password: (输入你的密码)
Re-enter new password: (再次输入你的密码)
创建符合规则的新密码
1
2Estimated strength of the password: 50 #密码强度
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
删除匿名用户
1
2
3
4
5By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother.
You should remove them before moving into a production environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
禁止远程登录
1
2
3
4Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.
删除测试数据表
1
2
3
4
5
6
7
8By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Done
1
2
3
4
5
6
7Reloading the privilege tables will ensure that all changes made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
#是否重新加载权限表
Success.
All done!
现在可以使用mysql -u root -p进行密码链接了。
可能会出现的问题
Your password does not satisfy the current policy requirements.
如果你在选择密码规则的时候不小心选择了2,也就是数字、大小写字母、特殊符号和字典文档的组合。这时候设置密码会出现如下提示:
1Your password does not satisfy the current policy requirements.
这时候重新运行mysql_secure_installation也不会再给你机会重新设置了。手动微笑,mmp。
解决方案如下:
使用命令mysql -uroot登陆,执行:
1
2set global validate_password_policy=0;
#将密码规则设置为LOW,就可以使用纯数字纯字母密码
LOW强度下密码位数的最低要求为8位,如果你想用诸如123456这类的密码,执行:
1
2set global validate_password_length=4;
#最低位数为4位
这个时候重新运行mysql_secure_installation就可以安心设置了。
相关参数
1
2
3
4
5
6
7
8
9
10
11validate_password_dictionary_file:插件用于验证密码强度的字典文档路径。
validate_password_length:密码最小长度。
validate_password_mixed_case_count:密码至少要包含的小写字母个数和大写字母个数。
validate_password_number_count:密码至少要包含的数字个数。
validate_password_policy:密码强度检查等级,0/LOW、1/MEDIUM、2/STRONG。
validate_password_special_char_count:密码至少要包含的特殊字符数。
838
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
