redis開啟遠程訪問
redis默認只允許本地訪問,要使redis可以遠程訪問可以修改redis.conf
打開redis.conf文件在NETWORK部分有說明
修改辦法:protected-mode no
################################## NETWORK #####################################
# By default, if no "bind" configuration directive is specified, Redis listens
# for connections from all the network interfaces available on the server.
# It is possible to listen to just one or multiple selected interfaces using
# the "bind" configuration directive, followed by one or more IP addresses.
#
# Examples:
#
# bind 192.168.1.100 10.0.0.1
# bind 127.0.0.1 ::1
#
# ~~~ WARNING ~~~ If the computer running Redis is directly exposed to the
# internet, binding to all the interfaces is dangerous and will expose the
# instance to everybody on the internet. So by default we uncomment the
# following bind directive, that will force Redis to listen only into
# the IPv4 lookback interface address (this means Redis will be able to
# accept connections only from clients running into the same computer it
# is running).
#
# IF YOU ARE SURE YOU WANT YOUR INSTANCE TO LISTEN TO ALL THE INTERFACES
# JUST COMMENT THE FOLLOWING LINE.
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bind 127.0.0.1
# Protected mode is a layer of security protection, in order to avoid that
# Redis instances left open on the internet are accessed and exploited.
#
# When protected mode is on and if:
#
# 1) The server is not binding explicitly to a set of addresses using the
# "bind" directive.
# 2) No password is configured.
#
# The server only accepts connections from clients connecting from the
# IPv4 and IPv6 loopback addresses 127.0.0.1 and ::1, and from Unix domain
# sockets.
#
# By default protected mode is enabled. You should disable it only if
# you are sure you want clients from other hosts to connect to Redis
# even if no authentication is configured, nor a specific set of interfaces
# are explicitly listed using the "bind" directive.
protected-mode yes
http://www.cnblogs.com/liusxg/p/5712493.html
密碼不正確的情況:
# mysql -uroot -h192.168.1.20 testDb -p
Enter password:
ERROR 1045 (28000): Authentication Failed For RDS maybe username or password is incorrect
遠程mysql服務器沒有開啟遠程訪問:
# mysql -uroot -h192.168.1.20 testDb -p
Enter password:
ERROR 1045 (28000): Access denied for user 'root'@'192.168.1.20' (using password: YES)
解決辦法:
update user set host="%" where user="root"; flush privileges;//刷新數據庫 quit
此時用戶root只能通過遠程訪問。在本地也必須要使用-h指定本機ip
如果想允許本機不使用-h參數,需要:
insert into mysql.user(Host,User,Password) values(‘localhost’,'roo’,password(‘root’));
或
insert into mysql.user(host,user,password) values select 'localhost',user,passoword from mysql.user where user='root' and host='%';//限定host是確定只有一條記錄,不然會報錯
ERROR 1062 (23000): Duplicate entry '%-root' for key 'PRIMARY'
mysql> show create table mysql.user; +-------+-----------------------------------------+ | Table | Create Table | +-------+-----------------------------------------+ | user | CREATE TABLE `user` ( `Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '', `User` char(16) COLLATE utf8_bin NOT NULL DEFAULT '', `Password` char(41) CHARACTER SET latin1 COLLATE latin1_bin NOT NULL DEFAULT '', `Select_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Insert_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Update_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Delete_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Drop_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Reload_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Shutdown_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Process_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `File_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Grant_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `References_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Index_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Alter_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Show_db_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Super_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_tmp_table_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Lock_tables_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Execute_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Repl_slave_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Repl_client_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_view_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Show_view_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_routine_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Alter_routine_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_user_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Event_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Trigger_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `Create_tablespace_priv` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', `ssl_type` enum('','ANY','X509','SPECIFIED') CHARACTER SET utf8 NOT NULL DEFAULT '', `ssl_cipher` blob NOT NULL, `x509_issuer` blob NOT NULL, `x509_subject` blob NOT NULL, `max_questions` int(11) unsigned NOT NULL DEFAULT '0', `max_updates` int(11) unsigned NOT NULL DEFAULT '0', `max_connections` int(11) unsigned NOT NULL DEFAULT '0', `max_user_connections` int(11) unsigned NOT NULL DEFAULT '0', `plugin` char(64) COLLATE utf8_bin DEFAULT 'mysql_native_password', `authentication_string` text COLLATE utf8_bin, `password_expired` enum('N','Y') CHARACTER SET utf8 NOT NULL DEFAULT 'N', PRIMARY KEY (`Host`,`User`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='Users and global privileges' |
//刷新系統權限表
mysql>flush privileges;
用戶沒有對db操作權限的解決辦法:
mysql> grant all on testDb.* to root@%; ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%' at line 1 mysql> grant all privileges on testDb.* to root@'%'; Query OK, 0 rows affected (0.00 sec) mysql> 遠程mysql客戶端需要重啟后,才能生效
更改mysql用戶密碼的操作:
use mysql; select user,host,password from mysql.user; +------+-----------+-------------------------------------------+ | user | host | password | +------+-----------+-------------------------------------------+ | root | localhost | *CF1E6A25C954B638A451D6| | root | centos64 | | | root | 127.0.0.1 | | | | localhost | | | | centos64 | | +------+-----------+-------------------------------------------+ update mysql.user set password=PASSWORD("***********") where User='root';
來一組管理常用操作的流程:
用戶管理 mysql>use mysql; 查看 mysql> select host,user,password from user ; 創建 mysql> create user zx_root IDENTIFIED by 'xxxxx'; //identified by 會將純文本密碼加密作為散列值存儲 修改 mysql>rename user feng to newuser;//mysql 5之后可以使用,之前需要使用update 更新user表 刪除 mysql>drop user newuser; //mysql5之前刪除用戶時必須先使用revoke 刪除用戶權限,然后刪除用戶,mysql5之后drop 命令可以刪除用戶的同時刪除用戶的相關權限 更改密碼 mysql> set password for zx_root =password('xxxxxx'); mysql> update mysql.user set password=password('xxxx') where user='otheruser' 查看用戶權限 mysql> show grants for zx_root; 賦予權限 mysql> grant select on dmc_db.* to zx_root; 回收權限 mysql> revoke select on dmc_db.* from zx_root; //如果權限不存在會報錯
grant 普通數據用戶,查詢、插入、更新、刪除 數據庫中所有表數據的權利。
grant select on testdb.* to common_user@’%’
grant insert on testdb.* to common_user@’%’
grant update on testdb.* to common_user@’%’
grant delete on testdb.* to common_user@’%’
或者,用一條 MySQL 命令來替代:
grant select, insert, update, delete on testdb.* to common_user@’%’
9>.grant 數據庫開發人員,創建表、索引、視圖、存儲過程、函數。。。等權限。
grant 創建、修改、刪除 MySQL 數據表結構權限。
grant create on testdb.* to developer@’192.168.0.%’;
grant alter on testdb.* to developer@’192.168.0.%’;
grant drop on testdb.* to developer@’192.168.0.%’;
grant 操作 MySQL 外鍵權限。
grant references on testdb.* to developer@’192.168.0.%’;
grant 操作 MySQL 臨時表權限。
grant create temporary tables on testdb.* to developer@’192.168.0.%’;
grant 操作 MySQL 索引權限。
grant index on testdb.* to developer@’192.168.0.%’;
grant 操作 MySQL 視圖、查看視圖源代碼 權限。
grant create view on testdb.* to developer@’192.168.0.%’;
grant show view on testdb.* to developer@’192.168.0.%’;
grant 操作 MySQL 存儲過程、函數 權限。
grant create routine on testdb.* to developer@’192.168.0.%’; -- now, can show procedure status
grant alter routine on testdb.* to developer@’192.168.0.%’; -- now, you can drop a procedure
grant execute on testdb.* to developer@’192.168.0.%’;
10>.grant 普通 DBA 管理某個 MySQL 數據庫的權限。
grant all privileges on testdb to dba@’localhost’
其中,關鍵字 “privileges” 可以省略。
11>.grant 高級 DBA 管理 MySQL 中所有數據庫的權限。
grant all on *.* to dba@’localhost’
12>.MySQL grant 權限,分別可以作用在多個層次上。
1. grant 作用在整個 MySQL 服務器上:
grant select on *.* to dba@localhost; -- dba 可以查詢 MySQL 中所有數據庫中的表。
grant all on *.* to dba@localhost; -- dba 可以管理 MySQL 中的所有數據庫
2. grant 作用在單個數據庫上:
grant select on testdb.* to dba@localhost; -- dba 可以查詢 testdb 中的表。
3. grant 作用在單個數據表上:
grant select, insert, update, delete on testdb.orders to dba@localhost;
4. grant 作用在表中的列上:
grant select(id, se, rank) on testdb.apache_log to dba@localhost;
5. grant 作用在存儲過程、函數上:
grant execute on procedure testdb.pr_add to ’dba’@’localhost’
grant execute on function testdb.fn_add to ’dba’@’localhost’
注意:修改完權限以后 一定要刷新服務,或者重啟服務,刷新服務用:FLUSH PRIVILEGES。| 權限 | 說明 |
| all | |
| alter | |
| alter routine | 使用alter procedure 和drop procedure |
| create | |
| create routine | 使用create procedure |
| create temporary tables | 使用create temporary table |
| create user | |
| create view | |
| delete | |
| drop | |
| execute | 使用call和存儲過程 |
| file | 使用select into outfile 和load data infile |
| grant option | 可以使用grant和revoke |
| index | 可以使用create index 和drop index |
| insert | |
| lock tables | 鎖表 |
| process | 使用show full processlist |
| reload | 使用flush |
| replication client | 服務器位置訪問 |
| replocation slave | 由復制從屬使用 |
| select | |
| show databases | |
| show view |
| shutdown | 使用mysqladmin shutdown 來關閉mysql |
| super | |
| update | |
| usage | 無訪問權限 |
http://www.cnblogs.com/fslnet/p/3143344.html