ubuntu 系统安装完成mysql后,无密码也可以登录mysql。输入密令mysql都可以直接进入数据库
网上查资料说是没有启用 mysql_native_password plugin 的问题,下面是简单的解决此类问题的一些方法。
apt-get install mysql-server
输入命令mysql可以跳过密码认证直接进到数据库中
root@yaoyafei:~# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.7.35-0ubuntu0.18.04.1 (Ubuntu)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
下面查看root的plugin配置 注:5.5.7开始,mysql引入plugins以进行用户连接时的密码验证
mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> select user,plugin from user;
+------------------+-----------------------+
| user | plugin |
+------------------+-----------------------+
| root | auth_socket |
| mysql.session | mysql_native_password |
| mysql.sys | mysql_native_password |
| debian-sys-maint | mysql_native_password |
+------------------+-----------------------+
4 rows in set (0.00 sec)
查看到root的plugin的值是auth_socket
auth_socket: 如果您安装5.7并且没有为root用户提供密码,它将使用auth_socket插件。该插件不关心,也不需要密码。它只检查用户是否使用UNIX套接字进行连接,然后比较用户名。(PS:使用auth_socket,服务器本地登录的时候根本不需要密码,而其他主机无论如何都登不上去,除非配置文件设置skip-grant-tables)
需要修改为mysql_native_password 客户端支持的是mysql_native_password 这种加密方式;
mysql> update user set plugin= 'mysql_native_password' where user= 'root';
mysql> select user,plugin from user;
+------------------+-----------------------+
| user | plugin |
+------------------+-----------------------+
| root | mysql_native_password |
| mysql.session | mysql_native_password |
| mysql.sys | mysql_native_password |
| debian-sys-maint | mysql_native_password |
+------------------+-----------------------+
4 rows in set (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
退出,你会发现输入mysql命令还能进到数据库 那是因为没设密码 ,修改一下密码,重启mysql即可。
root@yaoyafei:~# mysqladmin -uroot -p password 'yaoyafei';
Enter password:
mysqladmin: [Warning] Using a password on the command line interface can be insecure.
Warning: Since password will be sent to server in plain text, use ssl connection to ensure password safety.
root@yaoyafei:~# /etc/init.d/mysql restart
[ ok ] Restarting mysql (via systemctl): mysql.service.
验证
root@yaoyafei:~# mysql
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
需要输入密码
root@yaoyafei:~# mysql -uroot -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)
root@yaoyafei:~# mysql -uroot -pyaoyafei
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 7
Server version: 5.7.35-0ubuntu0.18.04.1 (Ubuntu)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
还有一种重置密码的方式,MySQL安全配置向导mysql_secure_installation
修改完mysql的密码认证方式后,重启mysql然后执行这个程序
sudo mysql_secure_installation
进入配置选项
root@yaoyafei:~# mysql_secure_installation
Securing the MySQL server deployment.
Connecting to MySQL using a blank password. 使用空白密码连接到MySQL。
VALIDATE PASSWORD PLUGIN can be used to test passwords 验证密码插件可用于测试密码
and improve security. It checks the strength of password 改善安全。它检查密码的强度
and allows the users to set only those passwords which are 并允许用户仅设置以下密码:
secure enough. Would you like to setup VALIDATE PASSWORD plugin? 足够安全。是否要设置验证密码插件?
#我这里已经设置过密码
Press y|Y for Yes, any other key for No: 按y | y表示是,按任何其他键表示否:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 0 这里是密码的强度程度,可自定义我设置的是0 = low
Please set the password for root here. 请在此处设置root用户的密码。
New password: 输两次密码
Re-enter new password:
Estimated strength of the password: 50 密码的估计强度:50
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
是否要继续使用提供的密码?(按y | y表示是,按任何其他键表示否): Y
By default, a MySQL installation has an anonymous user, 默认情况下,MySQL安装有一个匿名用户,
allowing anyone to log into MySQL without having to have 允许任何人登录MySQL而无需
a user account created for them. This is intended only for 为他们创建的用户帐户。这仅适用于
testing, and to make the installation go a bit smoother. 测试,并使安装更顺利。
You should remove them before moving into a production 您应该在进入生产环境之前删除它们
environment. 环境
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y 删除匿名用户(按y | y表示是,按任何其他键
表示否):y
Success.
Normally, root should only be allowed to connect from 通常情况下,root只能从连接
'localhost'. This ensures that someone cannot guess at “本地主机”。这确保了有人无法猜到
the root password from the network. 来自网络的根密码。
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y不允许根用户远程登录(按y | y表示是,
按任何其他键表示否):y
Success.
By default, MySQL comes with a database named 'test' that 默认情况下,MySQL附带一个名为“test”的数据库
anyone can access. This is also intended only for testing, 任何人都可以访问。这也仅用于测试,
and should be removed before moving into a production 在进入生产前应将其移除
environment. 环境
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y 是否删除测试数据库
并访问它(按y | y表示是,按任何其他键表示否):y
- Dropping test database...
Success.
- Removing privileges on test database... -正在删除测试数据库上的权限。。。
Success.
Reloading the privilege tables will ensure that all changes 重新加载特权表将确保所有更改
made so far will take effect immediately. 到目前为止所作的努力将立即生效。
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
现在重新加载特权表吗(按y | y表示是,按任何其他键表示否):y
Success.
All done!
结束!!!!!!!!!
4712
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
