mysql修改加密方式
安装
安装mysql服务
sudo apt-get install mysql-server
配置初始化信息
sudo mysql_secure_installation
具体配置信息
#1
VALIDATE PASSWORD PLUGIN can be used to test passwords...
Press y|Y for Yes, any other key for No: N (我的选项)
#2
Please set the password for root here...
New password: (输入密码)
Re-enter new password: (重复输入)
#3
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them...
Remove anonymous users? (Press y|Y for Yes, any other key for No) : N (我的选项)
#4
Normally, root should only be allowed to connect from
‘localhost‘. This ensures that someone cannot guess at
the root password from the network...
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y (我的选项)
#5
By default, MySQL comes with a database named ‘test‘ that
anyone can access...
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : N (我的选项)
#6
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y (我的选项)
修改加密方式
在Ubuntu系统中MySQL 5.7及之后的版本,MySQL的root用户被默认设置成通过auth_socket插件进行认证,而不是通过密码。在很多情况下,这些配置可以使系统更加的安全和可靠,但如果允许外部程序(例如phpMyAdmin)访问时,这将是事情变得非常复杂。
为了能够以root用户通过密码的方式连接MySQL,你需要将其认证方式从 auth_socket 方式变更为mysql_native_password。进行该设置,通过终端打开MySQL的提示符:
sudo mysql
use mysql;
select host, user, authentication_string, plugin from user;
表格介绍:
-
host: 允许用户登录的 ip ‘位置’ % 表示可以远程;
-
user: 当前数据库的用户名;
-
authentication_string: 用户密码(在mysql 5.7.9以后废弃了password字段和password()函数);
-
plugin: 密码加密方式;
update user set Host=‘%‘ where User=‘root‘;
alter user ‘root‘@‘%‘ identified with mysql_native_password by ‘password‘;
#password换成你的密码
注意这个密码如果设置的比较简单,例如 123456 等等,会设置不成功,它会提示你设置的密码太简单,最好设置成大写字母、数字、符号的组合。这个也是新版mysql的一个特点,MySQL 5.7.6 以后废弃了 user 表中的 password 字段和 password() 方法,所以使用旧的方法去重置密码对 mysql 8.0 是不行的!
可以将安全策略改为低
SHOW VARIABLES LIKE ‘validate_password%‘;
这时再次查看权限
select host, user, authentication_string, plugin from user;
修改成功