mysql修改加密方式
安裝
安裝mysql服務
sudo apt-get install mysql-server
配置初始化信息
sudo mysql_secure_installation
具體配置信息
#1
VALIDATE PASSWORD PLUGIN can be used to test passwords...
Press y|Y for Yes, any other key for No: N (我的選項)
#2
Please set the password for root here...
New password: (輸入密碼)
Re-enter new password: (重復輸入)
#3
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them...
Remove anonymous users? (Press y|Y for Yes, any other key for No) : N (我的選項)
#4
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network...
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y (我的選項)
#5
By default, MySQL comes with a database named 'test' that
anyone can access...
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : N (我的選項)
#6
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y (我的選項)
修改加密方式
在Ubuntu系統中MySQL 5.7及之后的版本,MySQL的root用戶被默認設置成通過auth_socket插件進行認證,而不是通過密碼。在很多情況下,這些配置可以使系統更加的安全和可靠,但如果允許外部程序(例如phpMyAdmin)訪問時,這將是事情變得非常復雜。
為了能夠以root用戶通過密碼的方式連接MySQL,你需要將其認證方式從 auth_socket 方式變更為mysql_native_password。進行該設置,通過終端打開MySQL的提示符:
sudo mysql
use mysql;
select host, user, authentication_string, plugin from user;
表格介紹:
-
host: 允許用戶登錄的 ip ‘位置’ % 表示可以遠程;
-
user: 當前數據庫的用戶名;
-
authentication_string: 用戶密碼(在mysql 5.7.9以后廢棄了password字段和password()函數);
-
plugin: 密碼加密方式;
update user set Host='%' where User='root';
alter user 'root'@'%' identified with mysql_native_password by 'password';
#password換成你的密碼
注意這個密碼如果設置的比較簡單,例如 123456 等等,會設置不成功,它會提示你設置的密碼太簡單,最好設置成大寫字母、數字、符號的組合。這個也是新版mysql的一個特點,MySQL 5.7.6 以后廢棄了 user 表中的 password 字段和 password() 方法,所以使用舊的方法去重置密碼對 mysql 8.0 是不行的!
可以將安全策略改為低
SHOW VARIABLES LIKE 'validate_password%';
這時再次查看權限
select host, user, authentication_string, plugin from user;
修改成功