MySQL5.7初始化后5种密码重置方法
前言:由于好几次安装MySQL5.7后一直被重置密码所困扰,因此特意整理重置的方法
安装MySQL5.7
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
[root@node1 db]# ll 以下的rpm安装包可以随处下载
total 402356
-rw-r--r-- 1 root root 24744 Nov 25 2015 libaio-0.3.109-13.el7.x86_64.rpm
-rw-r--r-- 1 7155 31415 25106088 Mar 5 10:24 mysql-community-client-5.7.22-1.el7.x86_64.rpm
-rw-r--r-- 1 7155 31415 3781636 Mar 5 10:24 mysql-community-devel-5.7.22-1.el7.x86_64.rpm
-rw-r--r-- 1 7155 31415 2239868 Mar 5 10:24 mysql-community-libs-5.7.22-1.el7.x86_64.rpm
-rw-r--r-- 1 7155 31415 172992596 Mar 5 10:25 mysql-community-server-5.7.22-1.el7.x86_64.rpm
[root@node1 db]#
[root@node1 db]# rpm -ivh *.rpm --nodeps --force
warning: mysql-community-client-5.7.22-1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:mysql-community-libs-5.7.22-1.el7################################# [ 20%]
2:mysql-community-client-5.7.22-1.e################################# [ 40%]
3:libaio-0.3.109-13.el7 ################################# [ 60%]
4:mysql-community-server-5.7.22-1.e################################# [ 80%]
5:mysql-community-devel-5.7.22-1.el################################# [100%]
启动mysql
[root@node1 db]# systemctl start mysqld
从日志中获取随机生成的密码
[root@node1 db]# grep password /
var
/log/mysqld.log
2018-07-15T09:01:09.735836Z 1 [Note] A temporary password
is
generated
for
root@localhost: ViFg8pWf+,lU
[root@node1 db]# mysql -uroot -pViFg8pWf+,lU
mysql: [Warning] Using a password
on
the command line
interface
can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id
is
2
Server version: 5.7.22
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle
is
a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type
'help;'
or
'\h'
for
help. Type
'\c'
to clear the current input statement.
登录后并不能任何操作
mysql> show databases;
ERROR 1820 (HY000): Unknown error 1820
mysql>
select
*
from
mysql;
ERROR 1046 (3D000):
|
方法1:使用alter修改
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
mysql> ALTER USER USER() IDENTIFIED BY
'Reid790!@#$'
;
Query OK, 0 rows affected (0.00 sec)
mysql> ALTER USER
'root'
@
'localhost'
IDENTIFIED BY
'Tom579#$%^&'
; #针对localhost
Query OK, 0 rows affected (0.00 sec)
或者先关闭其密码策略修改
mysql>
select
@@validate_password_length;
ERROR 1820 (HY000): Unknown error 1820
mysql> ALTER USER USER() IDENTIFIED BY
'12345678'
;
Query OK, 0 rows affected (0.00 sec)
validate_password_policy有以下取值:
Policy Tests Performed
0 or LOW Length
1 or MEDIUM Length; numeric, lowercase/uppercase, and special characters
2 or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file
默认是1,即MEDIUM,所以刚开始设置的密码必须符合长度,且必须含有数字,小写或大写字母,特殊字符。
|
方法2:使用set password
|
1
2
3
4
5
|
mysql> SET PASSWORD FOR
'root'
@
'localhost'
= PASSWORD(
'Gerk087@&#@'
); #第一次也要符合密友复杂度
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
|
方法3:使用update
|
1
2
3
4
5
|
mysql> UPDATE mysql.user SET authentication_string = PASSWORD(
'Marry583@&%!'
), password_expired =
'N'
WHERE User =
'root'
AND Host =
'localhost'
;
Query OK, 1 row affected, 1 warning (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
|
方法4:使用mysql_secure_installation
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
[root@node1 db]# mysql_secure_installation
Securing the MySQL server deployment.
Enter password
for
user root: Marry583@&%!
The
'validate_password'
plugin
is
installed
on
the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password
for
root.
Estimated strength of the password: 100
Change the password
for
root ? ((Press y|Y
for
Yes, any other key
for
No) : y
New password: Tom579#$%^&
Re-enter
new
password: Tom579#$%^&
Estimated strength of the password: 100
Do you wish to
continue
with the password provided?(Press y|Y
for
Yes, any other key
for
No) : y
By
default
, a MySQL installation has an anonymous user,
allowing anyone to log
into
MySQL without having to have
a user account created
for
them. This
is
intended only
for
testing, and to make the installation go a bit smoother.
You should remove them before moving
into
a production
environment.
为了安全应该yes
Remove anonymous users? (Press y|Y
for
Yes, any other key
for
No) : No
... skipping.
Normally, root should only be allowed to connect
from
'localhost'
. This ensures that someone cannot guess at
the root password
from
the network.
为了安全应该yes
Disallow root login remotely? (Press y|Y
for
Yes, any other key
for
No) : No
... skipping.
By
default
, MySQL comes with a database named
'test'
that
anyone can access. This
is
also intended only
for
testing,
and should be removed before moving
into
a production
environment.
为了安全应该yes
Remove test database and access to it? (Press y|Y
for
Yes, any other key
for
No) : No
... skipping.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y
for
Yes, any other key
for
No) : y
Success.
All done!
|
方法5:跳过授权列表skip-grant-tables
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
[root@node1 db]# mysql
ERROR 1045 (28000): Unknown error 1045
[root@node1 db]# vim /etc/my.cnf #使用完后去掉
[mysqld]
skip-grant-tables=1
重启mysql,再修改
[root@node1 db]# systemctl restart mysqld
[root@node1 db]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id
is
2
Server version: 5.7.22 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle
is
a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type
'help;'
or
'\h'
for
help. Type
'\c'
to clear the current input statement.
mysql>
set
password = PASSWORD(
'Reid4909@%&'
);
ERROR 1290 (HY000): Unknown error 1290
mysql> ALTER USER
'root'
@
'localhost'
IDENTIFIED BY
'Tom579#$%^&'
;
ERROR 1290 (HY000): Unknown error 1290
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql>
set
password = PASSWORD(
'Reid4909@%&'
);
ERROR 1133 (42000):
mysql> ALTER USER
'root'
@
'localhost'
IDENTIFIED BY
'Tom579#$%^&'
;
Query OK, 0 rows affected (0.01 sec)
mysql>
set
password
for
root@localhost = password(
'123456'
);
Query OK, 0 rows affected, 1 warning (0.00 sec)
|
Summary
a. mysql5.7安装好后会在/var/log/mysql.log中产随机密码,而且不修改密码不能执行任何操作
b. mysql5.7的user表中的password字串修改为authentication_string
c. 修改密码的Policy转变是1(中级),因此设置时要符合规则
d. 跳过授权列时,同时也不受密码policy影响