在本教程中,我們將向您展示如何在MySQL Apt Repository的Debian 9機器上安裝和保護MySQL。
如果您的應用程序沒有任何特定要求,您應該堅持使用Debian 9中的默認數據庫系統MariaDB。
配置MySQL的軟件倉庫
要將MySQL APT存儲庫添加到系統,請轉到存儲庫下載頁面並下載最新的發行包:
wget http://repo.mysql.com/mysql-apt-config_0.8.10-1_all.deb
下載完成后,使用以下命令安裝發行包:
sudo dpkg -i mysql-apt-config_0.8.10-1_all.deb
您將看到配置菜單,您可以在其中選擇要安裝的MySQL版本。
MySQL 8.0是默認選擇的,如果你想安裝另一個版本的MySQL,請選擇MySQL Server&Cluster(當前選擇:mysql-8.0)並選擇你喜歡的MySQL版本
我們要安裝MySQL 8.0版。 選擇最后一個選項確定,然后按Enter鍵(如上圖所示)以保存配置。
安裝MySQL
在Debian 9服務器上安裝MySQL之前,首先使用以下命令更新軟件包列表:
sudo apt update
更新軟件包列表后,運行以下命令在Debian服務器上安裝MySQL:
sudo apt install mysql-server
安裝程序將要求您設置MySQL root密碼。 現在不要設置密碼(留空),我們將在下一節中進行設置。
接下來,您將看到一條消息,通知您有關新的MySQL 8身份驗證的信息。
在選擇默認的mysql 8身份驗證插件之前,請確保您的應用程序支持它。
驗證MySQL安裝
安裝完成后,MySQL服務將自動啟動。
我們可以通過輸入以下內容來檢查MySQL服務狀態
sudo systemctl status mysql
輸出內容:
● mysql.service - MySQL Community Server Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: Active: active (running) since Thu 2018-08-02 17:22:18 UTC; 18s ago Docs: man:mysqld(8) http://dev.mysql.com/doc/refman/en/using-systemd.html Process: 14797 ExecStartPre=/usr/share/mysql-8.0/mysql-systemd-start pre (co Main PID: 14832 (mysqld) Status: "SERVER_OPERATING" Tasks: 37 (limit: 4915) CGroup: /system.slice/mysql.service └─14832 /usr/sbin/mysqld
保護MySQL
運行mysql_secure_installation命令設置root密碼並提高MySQL安裝的安全性:
sudo mysql_secure_installation
輸出內容:
Securing the MySQL server deployment. Connecting to MySQL using a blank password. VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component? Press y|Y for Yes, any other key for No:
系統將要求您配置VALIDATE PASSWORD PLUGIN,用於測試MySQL用戶密碼的強度。 密碼驗證策略有三個級別,低,中和強。 如果您不想設置驗證密碼插件,請按ENTER。
輸出內容:
Please set the password for root here. New password: Re-enter new password:
在下一個提示中,將要求您為MySQL root用戶設置密碼。
輸出內容:
By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? (Press y|Y for Yes, any other key for No) : y Success. Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y Success. By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y - Dropping test database... Success. - Removing privileges on test database... Success. Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success. All done!
設置root密碼后,腳本還會要求您刪除匿名用戶,限制root用戶訪問本地計算機並刪除測試數據庫。 你應該對所有問題回答“是”(是)。
從命令行連接到MySQL
要通過終端與MySQL交互,我們將使用MySQL客戶端作為MySQL服務器包的依賴項。
以root用戶身份登錄MySQL服務器:
mysql -u root -p
系統將提示您輸入運行mysql_secure_installation腳本時先前設置的root密碼。
輸入密碼后,您將看到mysql shell,如下所示:
輸出內容:
Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 10 Server version: 8.0.12 MySQL Community Server - GPL Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
開啟訪問權限
mysql>use mysql mysql>update user set plugin='mysql_native_password'; mysql>flush privileges;
創建一個數據庫
連接到MySQL shell后,可以通過鍵入以下命令來創建新數據庫:
mysql > CREATE DATABASE new_database; Query OK, 1 row affected (0.00 sec)
創建數據庫表
現在我們已經創建了一個數據庫,我們可以創建一個表來存儲一些數據。
在運行用於創建表的SQL語句之前,我們需要連接到數據庫:
mysql > use new_database;
在這個例子中,我們將創建一個名為contacts的簡單表,其中包含三個字段:id,name和email:
CREATE TABLE contacts ( id INT PRIMARY KEY, name VARCHAR(30), email VARCHAR(30) ); 輸出: Query OK, 1 row affected (0.00 sec)
總結
在本教程中,我們向您展示了如何在Debian 9服務器上安裝和保護MySQL服務器。 我們還向您展示了如何連接到MySQL shell以及如何創建新的數據庫和表。