Ubuntu 18.10.1
Mysql 5.7.26-0
安装mysql
apt-get install mysql-server
安装完可以直接使用,但是新版本在安装过程中没有提示设置root用户密码,使用如下方法设置:
sudo mysql_secure_installation
过程中提示是否开启 VALIDATE PASSWORD PLUGIN,就是设置密码强度检查,自行选择:
VALIDATE PASSWORD PLUGIN can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD plugin? Press y|Y for Yes, any other key for No:
如果后面要再修改,可以去 /etc/mysql/my.cnf 里面增加:
validate_password=OFF
选择是的话会让你选择等级:
LOW Length >= 8 MEDIUM Length >= 8, numeric, mixed case, and special characters STRONG Length >= 8, numeric, mixed case, special characters and dictionary file Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
然会会让你输入root密码,注意一定要符合上面你选择的要求:
Please set the password for root here. New password: Re-enter new password:
输入完之后会显示你的密码的安全性,并提示你是否确认使用这个:
Estimated strength of the password: 50 Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
之后就是一些其他方面的设置。。。
最后注意会提示你是否重新加载权限表格:
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y Success.
以上设置完成后发现还是无法使用,采用如下方法:
mysql> select Host,User,plugin,authentication_string from user; +-----------+------------------+-----------------------+-------------------------------------------+ | Host | User | plugin | authentication_string | +-----------+------------------+-----------------------+-------------------------------------------+ | localhost | root | auth_socket | | | localhost | mysql.session | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | | localhost | mysql.sys | mysql_native_password | *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE | | localhost | debian-sys-maint | mysql_native_password | *9FD2128DA457CDBF327277BA59C9DE1BAFA88816 | +-----------+------------------+-----------------------+-------------------------------------------+ 4 rows in set (0.00 sec)
发现root用户的认证方式是:auth_socket
它只检查用户是否使用套接字进行连接,然后比较用户名,并没有密码验证。
所以我们要修改plugin,并设置密码。
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'your_password';
注意这两个操作必须一条命令执行,先更改插件然后设置密码将不起作用,它将再次回退到auth_socket。
如果你设置密码的时候提示了以下错误:
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
需要注意你的密码策略等级。
mysql> SHOW VARIABLES LIKE 'validate_password%'; +--------------------------------------+--------+ | Variable_name | Value | +--------------------------------------+--------+ | validate_password_check_user_name | OFF | | validate_password_dictionary_file | | | validate_password_length | 8 | | validate_password_mixed_case_count | 1 | | validate_password_number_count | 1 | | validate_password_policy | MEDIUM | | validate_password_special_char_count | 1 | +--------------------------------------+--------+ 7 rows in set (0.31 sec)
其中各字段意思如下:
- validate_password_length 固定密码的总长度;
- validate_password_dictionary_file 指定密码验证的文件路径
- validate_password_mixed_case_count 整个密码中至少要包含大/小写字母的总个数
- validate_password_number_count 整个密码中至少要包含阿拉伯数字的个数;
- validate_password_policy 指定密码的强度验证等级,默认为 MEDIUM;
- 0/LOW:只验证长度;
- 1/MEDIUM:验证长度、数字、大小写、特殊字符;
- 2/STRONG:验证长度、数字、大小写、特殊字符、字典文件;
- validate_password_special_char_count 整个密码中至少要包含特殊字符的个数;
我们可以修改等级:
mysql> set global validate_password_policy=LOW;
当然其他字段也可以直接修改,总之设置密码时需要与其匹配。
至此root密码设置成功。