Prevent MySQL login with no user or password
Question
I installed MySQL like so:
sudo apt install mysql-server -y && mysql_secure_installation;
and did the following
CREATE USER 'user'@'localhost' IDENTIFIED BY 'password';
GRANT ALL PRIVILEGES ON * . * TO 'user'@'localhost';
FLUSH PRIVILEGES;
ALTER USER 'root'@'localhost' IDENTIFIED BY 'MyNewPass';
FLUSH PRIVILEGES;
However, I can still access MySQL with:
sudo mysql
I don't understand how it has access with no user or password... How do I prevent this?
1 answers
solution1
0 2021-04-18 06:48:24
when you run sudo mysql command its authenticated with auth socket, you can check authentication used using query below.
mysql> SELECT plugin from mysql.user where User='root';
if you wnat disable that and using native authentication, run this query.
mysql> UPDATE mysql.user SET plugin = 'mysql_native_password', authentication_string = PASSWORD('changeme') WHERE User = 'root';
mysql> FLUSH PRIVILEGES;
and if you need more information, you can read docs about auth socket.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Prevent MySQL login with empty password
prevent mysql user change password of other user
Puppet MySQL disable root user login without password
MySQL: How to find which user login with a wrong password
PHP/MYSQL Authenticate user login using salt password?
MySQL Password Login Code?
Password login not functioning in MySQL
Totally bizzare: deleting a MySQL user allows me to still login as that user with an empty password
mysql user password algorithm
MYSQL loses user password
Related Tags