• mysql 5.7 root密码重置(centos 7)


    mysql5.7版本之后,与mariadb不同,在安装之后,在启动之时,会进行自动随机密码的设定,所以在systemctl start mysqld之后,会出现mysql -uroot -p无法登陆的情况

    mysql root原始密码查看

    实际上mysqld在启动时,会自动设定root密码的,可以在其相关日志里面查看到,如下:

    [root@bogon ~]# grep password /var/log/mysqld.log
    2017-07-31T10:31:57.368883Z 1 [Note] A temporary password is generated for root@localhost: TjcrBm.j,7eU
    2017-07-31T10:32:30.201882Z 3 [Note] Access denied for user 'root'@'localhost' (using password: NO)
    2017-07-31T10:34:40.233539Z 0 [Note] Shutting down plugin 'validate_password'
    2017-07-31T10:34:41.483983Z 0 [Note] Shutting down plugin 'sha256_password'
    2017-07-31T10:34:41.483990Z 0 [Note] Shutting down plugin 'mysql_native_password'
    

    mysql root的初始密码为TjcrBm.j,7eU(每人情况不一样,具体值在mysql日志中查看)

    mysql密码重置

    当然有些人可能是root密码真忘记了,那样可以通过mysql免密码登陆

    在其配置文件/etc/my.cnf中加入skip-grant-tables=1即可

    [root@bogon ~]# grep -v ^# /etc/my.cnf | grep -v ^$
    [mysqld]
    datadir=/var/lib/mysql
    socket=/var/lib/mysql/mysql.sock
    symbolic-links=0
    log-error=/var/log/mysqld.log
    pid-file=/var/run/mysqld/mysqld.pid
    skip-grant-tables=1
    

    然后重启mysql,使用mysql命令即可进入

    [root@bogon ~]# systemctl restart mysqld
    [root@bogon ~]# ss -tnl
    State      Recv-Q Send-Q             Local Address:Port                            Peer Address:Port              
    LISTEN     0      128                    127.0.0.1:9000                                       *:*                  
    LISTEN     0      128                            *:111                                        *:*                  
    LISTEN     0      128                            *:80                                         *:*                  
    LISTEN     0      128                            *:22                                         *:*                  
    LISTEN     0      100                    127.0.0.1:25                                         *:*                  
    LISTEN     0      80                            :::3306                                      :::*                  
    LISTEN     0      128                           :::111                                       :::*                  
    LISTEN     0      128                           :::22                                        :::*                  
    LISTEN     0      100                          ::1:25                                        :::*  
    [root@bogon ~]# mysql
    mysql: [Warning] Using a password on the command line interface can be insecure.
    Welcome to the MySQL monitor.  Commands end with ; or g.
    Your MySQL connection id is 4
    Server version: 5.7.19
    
    Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    
    mysql> 
      
    

    修改mysql root密码

    mysql> use mysql
    Reading table information for completion of table and column names
    You can turn off this feature to get a quicker startup with -A
    
    Database changed
    
    mysql> update user set authentication_string = password("123456") where user="root";
    Query OK, 1 row affected, 1 warning (0.00 sec)
    Rows matched: 1  Changed: 1  Warnings: 1
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    

    然后将/etc/my.cnf中的skip-grant-tables=1注释掉,重启mysql服务即可。

    在此要注意的是,之前版本密码修改字段为password,在5.7版本之后字段为authentication_string

    mysql密码难度修改

    mysql密码修改为123456之后,有人发现使用123456能进入mysql,但是却不能使用mysql的任何功能。会出现如下情况:

    [root@bogon ~]# mysql -uroot -p123456
    mysql: [Warning] Using a password on the command line interface can be insecure.
    Welcome to the MySQL monitor.  Commands end with ; or g.
    Your MySQL connection id is 4
    Server version: 5.7.19
    
    Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    
    mysql> show databases;
    ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
    

    实际上,在初始更改root密码时,并不能直接使用update来更改,需要使用alter user命令来更改

    mysql> alter user 'root'@'localhost' identified by '123456';
    ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
    ## mysql在5.7版本中加了密码安全等级,弱密码不能使用
    
    mysql> alter user 'root'@'localhost' identified by 'QWEqwe123!@#';
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    

    mysql 安全策略以及root密码清空

    在上述修改密码之后,可查看mysql的密码安全策略

    [root@bogon ~]# mysql -uroot -p'QWEqwe123!@#'
    mysql: [Warning] Using a password on the command line interface can be insecure.
    Welcome to the MySQL monitor.  Commands end with ; or g.
    Your MySQL connection id is 6
    Server version: 5.7.19 MySQL Community Server (GPL)
    
    Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    
    mysql> show variables like '%password%';
    +---------------------------------------+--------+
    | Variable_name                         | Value  |
    +---------------------------------------+--------+
    | default_password_lifetime             | 0      |
    | disconnect_on_expired_password        | ON     |
    | log_builtin_as_identified_by_password | OFF    |
    | mysql_native_password_proxy_users     | OFF    |
    | old_passwords                         | 0      |
    | report_password                       |        |
    | sha256_password_proxy_users           | OFF    |
    | validate_password_check_user_name     | OFF    |
    | validate_password_dictionary_file     |        |
    | validate_password_length              | 8      |
    | validate_password_mixed_case_count    | 1      |
    | validate_password_number_count        | 1      |
    | validate_password_policy              | MEDIUM |
    | validate_password_special_char_count  | 1      |
    +---------------------------------------+--------+
    14 rows in set (0.00 sec)
    
    

    其中可以看到validate有很多参数

    validate_password_dictionary_file:插件用于验证密码强度的字典文件路径。

    validate_password_length:密码最小长度。

    validate_password_mixed_case_count:密码至少要包含的小写字母个数和大写字母个数。

    validate_password_number_count:密码至少要包含的数字个数。

    validate_password_policy:密码强度检查等级,0/LOW、1/MEDIUM、2/STRONG。

    validate_password_special_char_count:密码至少要包含的特殊字符数。

    其中,关于validate_password_policy-密码强度检查等级:

    0/LOW:只检查长度。

    1/MEDIUM:检查长度、数字、大小写、特殊字符。

    2/STRONG:检查长度、数字、大小写、特殊字符字典文件。

    可以直接在mysql中进行参数的修改

    mysql> set global validate_password_policy=0;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> set global validate_password_special_char_count=0;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> set global validate_password_number_count=0;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> set global validate_password_mixed_case_count=0;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> set global validate_password_length=0;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> show variables like '%password%';
    +---------------------------------------+-------+
    | Variable_name                         | Value |
    +---------------------------------------+-------+
    | default_password_lifetime             | 0     |
    | disconnect_on_expired_password        | ON    |
    | log_builtin_as_identified_by_password | OFF   |
    | mysql_native_password_proxy_users     | OFF   |
    | old_passwords                         | 0     |
    | report_password                       |       |
    | sha256_password_proxy_users           | OFF   |
    | validate_password_check_user_name     | OFF   |
    | validate_password_dictionary_file     |       |
    | validate_password_length              | 0     |
    | validate_password_mixed_case_count    | 0     |
    | validate_password_number_count        | 0     |
    | validate_password_policy              | LOW   |
    | validate_password_special_char_count  | 0     |
    +---------------------------------------+-------+
    14 rows in set (0.00 sec)
    

    当然,此种变更,只能在当前环境下生效,重启mysql后会失效

    想要长期生效,需要将更改写入配置文件中才可永久生效

    也可以直接在配置文件中进行修改禁用validate-password功能

    编辑my.cnf配置文件,在mysqld下面加入“validate-password=off”,然后重启mysql即可。

    [root@bogon ~]# grep -v ^# /etc/my.cnf  | grep -v ^$
    [mysqld]
    datadir=/var/lib/mysql
    socket=/var/lib/mysql/mysql.sock
    validate_password=off
    skip-name-resolve=on
    innodb_file_per_table=on
    symbolic-links=0
    log-error=/var/log/mysqld.log
    pid-file=/var/run/mysqld/mysqld.pid
    

    将mysql的密码安全等级降低之后,可以将root密码修改回来

    mysql> update mysql.user set authentication_string = password('') where user='root';
    Query OK, 1 row affected (0.00 sec)
    Rows matched: 1  Changed: 1  Warnings: 0
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> exit
    

    以上密码root即清除为空了。使用mysql即可直接进入mysql。当然生产环境中不推荐此种做法

    也可以直接清除mysql password插件

    [root@vm-10-112-42-140 mysql]# mysql -uroot -p'PoGtyalq9i>r'
    mysql: [Warning] Using a password on the command line interface can be insecure.
    Welcome to the MySQL monitor.  Commands end with ; or g.
    Your MySQL connection id is 3
    Server version: 5.7.22
    
    Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
    
    Oracle is a registered trademark of Oracle Corporation and/or its
    affiliates. Other names may be trademarks of their respective
    owners.
    
    Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
    
    mysql> uninstall plugin validate_password;
    ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.
    mysql> alter user 'root'@'localhost' identified by 'QWEqwe123!@#';
    Query OK, 0 rows affected (0.01 sec)
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> uninstall plugin validate_password;
    Query OK, 0 rows affected (0.07 sec)
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> update mysql.user set authentication_string = password('') where user='root';
    Query OK, 1 row affected (0.00 sec)
    Rows matched: 1  Changed: 1  Warnings: 0
    
    mysql> flush privileges;
    Query OK, 0 rows affected (0.00 sec)
    
    mysql> exit
    
  • 相关阅读:
    loadrunner 11安装教程
    测试用例
    软件测试分类
    软件测试模型
    VMware Workstation安装Red hat7.0联网问题总结
    Python网络编程基础pdf
    Python数据可视化编程实战pdf
    Python数据分析实战
    Python数据科学手册
    Python入门经典. 以解决计算问题为导向的Python编程实践
  • 原文地址:https://www.cnblogs.com/marility/p/7278333.html
Copyright © 2020-2023  润新知