前言:由於好幾次安裝MySQL5.7后一直被重置密碼所困擾,因此特意整理重置的方法
安裝MySQL5.7
[root@node1 db]# ll 以下的rpm安裝包可以隨處下載 total 402356 -rw-r--r-- 1 root root 24744 Nov 25 2015 libaio-0.3.109-13.el7.x86_64.rpm -rw-r--r-- 1 7155 31415 25106088 Mar 5 10:24 mysql-community-client-5.7.22-1.el7.x86_64.rpm -rw-r--r-- 1 7155 31415 3781636 Mar 5 10:24 mysql-community-devel-5.7.22-1.el7.x86_64.rpm -rw-r--r-- 1 7155 31415 2239868 Mar 5 10:24 mysql-community-libs-5.7.22-1.el7.x86_64.rpm -rw-r--r-- 1 7155 31415 172992596 Mar 5 10:25 mysql-community-server-5.7.22-1.el7.x86_64.rpm [root@node1 db]# [root@node1 db]# rpm -ivh *.rpm --nodeps --force warning: mysql-community-client-5.7.22-1.el7.x86_64.rpm: Header V3 DSA/SHA1 Signature, key ID 5072e1f5: NOKEY Preparing... ################################# [100%] Updating / installing... 1:mysql-community-libs-5.7.22-1.el7################################# [ 20%] 2:mysql-community-client-5.7.22-1.e################################# [ 40%] 3:libaio-0.3.109-13.el7 ################################# [ 60%] 4:mysql-community-server-5.7.22-1.e################################# [ 80%] 5:mysql-community-devel-5.7.22-1.el################################# [100%] 啟動mysql [root@node1 db]# systemctl start mysqld 從日志中獲取隨機生成的密碼 [root@node1 db]# grep password /var/log/mysqld.log 2018-07-15T09:01:09.735836Z 1 [Note] A temporary password is generated for root@localhost: ViFg8pWf+,lU [root@node1 db]# mysql -uroot -pViFg8pWf+,lU mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.22 Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. 登錄后並不能任何操作 mysql> show databases; ERROR 1820 (HY000): Unknown error 1820 mysql> select * from mysql; ERROR 1046 (3D000):
方法1:使用alter修改
mysql> ALTER USER USER() IDENTIFIED BY 'Reid790!@#$'; Query OK, 0 rows affected (0.00 sec) mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Tom579#$%^&'; #針對localhost Query OK, 0 rows affected (0.00 sec) 或者先關閉其密碼策略修改 mysql> select @@validate_password_length; ERROR 1820 (HY000): Unknown error 1820 mysql> ALTER USER USER() IDENTIFIED BY '12345678'; Query OK, 0 rows affected (0.00 sec) validate_password_policy有以下取值: Policy Tests Performed 0 or LOW Length 1 or MEDIUM Length; numeric, lowercase/uppercase, and special characters 2 or STRONG Length; numeric, lowercase/uppercase, and special characters; dictionary file 默認是1,即MEDIUM,所以剛開始設置的密碼必須符合長度,且必須含有數字,小寫或大寫字母,特殊字符。
方法2:使用set password
mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('Gerk087@&#@'); #第一次也要符合密友復雜度
Query OK, 0 rows affected, 1 warning (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
方法3:使用update
mysql> UPDATE mysql.user SET authentication_string = PASSWORD('Marry583@&%!'), password_expired = 'N' WHERE User = 'root' AND Host = 'localhost';
Query OK, 1 row affected, 1 warning (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
方法4:使用mysql_secure_installation
[root@node1 db]# mysql_secure_installation Securing the MySQL server deployment. Enter password for user root: Marry583@&%! The 'validate_password' plugin is installed on the server. The subsequent steps will run with the existing configuration of the plugin. Using existing password for root. Estimated strength of the password: 100 Change the password for root ? ((Press y|Y for Yes, any other key for No) : y New password: Tom579#$%^& Re-enter new password: Tom579#$%^& Estimated strength of the password: 100 Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. 為了安全應該yes Remove anonymous users? (Press y|Y for Yes, any other key for No) : No ... skipping. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. 為了安全應該yes Disallow root login remotely? (Press y|Y for Yes, any other key for No) : No ... skipping. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. 為了安全應該yes Remove test database and access to it? (Press y|Y for Yes, any other key for No) : No ... skipping. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success. All done!
方法5:跳過授權列表skip-grant-tables
[root@node1 db]# mysql
ERROR 1045 (28000): Unknown error 1045
[root@node1 db]# vim /etc/my.cnf #使用完后去掉
[mysqld]
skip-grant-tables=1
重啟mysql,再修改
[root@node1 db]# systemctl restart mysqld
[root@node1 db]# mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.22 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> set password = PASSWORD('Reid4909@%&');
ERROR 1290 (HY000): Unknown error 1290
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Tom579#$%^&';
ERROR 1290 (HY000): Unknown error 1290
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> set password = PASSWORD('Reid4909@%&');
ERROR 1133 (42000):
mysql> ALTER USER 'root'@'localhost' IDENTIFIED BY 'Tom579#$%^&';
Query OK, 0 rows affected (0.01 sec)
mysql> set password for root@localhost = password('123456');
Query OK, 0 rows affected, 1 warning (0.00 sec)
Summary
a. mysql5.7安裝好后會在/var/log/mysql.log中產隨機密碼,而且不修改密碼不能執行任何操作
b. mysql5.7的user表中的password字串修改為authentication_string
c. 修改密碼的Policy轉變是1(中級),因此設置時要符合規則
d. 跳過授權列時,同時也不受密碼policy影響