1.检查mysql进程和端口是否正常
[root@station253 mysql]# ps aux | grep mysqld
[root@station253 mysql]# ps -ef | grep mysqld
[root@station253 mysql]# netstat -nutlp | grep mysqld
[root@station253 mysql]# lsof -i:3306
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
mysqld 2756 mysql 11u IPv4 33999 0t0 TCP *:mysql (LISTEN)
2.数据目录
[root@station253 mysql]# ll -h /mydata/data
total 30M
-rw-rw---- 1 mysql mysql 18M Dec 14 19:23 ibdata1
-rw-rw---- 1 mysql mysql 5.0M Dec 14 19:23 ib_logfile0
-rw-rw---- 1 mysql mysql 5.0M Dec 14 19:15 ib_logfile1
drwx------ 2 mysql mysql 16K Dec 14 17:39 lost+found
drwx------ 2 mysql root 4.0K Dec 14 19:22 mysql
-rw-rw---- 1 mysql mysql 107 Dec 14 19:15 mysql-bin.000001
-rw-rw---- 1 mysql mysql 28K Dec 14 19:22 mysql-bin.000002
-rw-rw---- 1 mysql mysql 1.1M Dec 14 19:22 mysql-bin.000003
-rw-rw---- 1 mysql mysql 107 Dec 14 19:23 mysql-bin.000004
-rw-rw---- 1 mysql mysql 76 Dec 14 19:23 mysql-bin.index
drwx------ 2 mysql mysql 4.0K Dec 14 19:22 performance_schema
-rw-r----- 1 mysql root 4.1K Dec 14 19:23 station253.example.com.err
-rw-rw---- 1 mysql mysql 5 Dec 14 19:23 station253.example.com.pid
drwx------ 2 mysql root 4.0K Dec 14 19:22 test
#data目录下每个目录通常被识别为数据库,例如:mysql,test
#每新建一个数据库,就自动新建一个目录
#ibdata1,innode数据库,ib_logfile日志
#mysql-bin.0000x二进制日志,用于实现mysql时间点恢复的重要文件。基于磁盘损坏时还能恢复数据考虑,不要将数据库文件MYD和二进制日志mysql-bin.0000x放在同一磁盘上。
#主机名station253.example.com.err文件错误日志记录本机mysql启动运行停止过程中出现的错误信息。
[root@station253 mysql]# tail -1 /mydata/data/station253.example.com.err
#检查最后的状态和错误。
Version: '5.5.33-log' socket: '/tmp/mysql.sock' port: 3306 MySQL Community Server (GPL)
#源码安装mysql.sock位置,rpm安装的默认位置/var/lib/mysql/mysql.sock
3.空密码本地登录
[root@station253 mysql]# mysql
mysql> use mysql;
Database changed
mysql> SHOW TABLES;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| event |
| func |
...........................
mysql> SELECT HOST,USER,PASSWORD FROM user;
+------------------------+------+----------+
| HOST | USER | PASSWORD |
+------------------------+------+----------+
| localhost | root | |
| station253.example.com | root | |
| 127.0.0.1 | root | |
| ::1 | root | |
| localhost | | |
| station253.example.com | | |
+------------------------+------+----------+
6 rows in set (0.00 sec)
4.mysql的认证机制
mysql的验证用户权限不是根据用户名,而是根据用户名+主机名确定的,某个用户经自己的主机名进入系统才会有对应权限。因此其中并没有远程主机名,当然无法远程连接。默认情况即使4个root@主机名+2个匿名@主机名的用户都是空密码都是禁止远程连接。
空密码十分危险,给root用户加密码
生产环境下要首先删除后3个,前3个留一个加密码,删除无用2个
::1 root #IPv6 地址
localhost
station253.example.com
#初始化设置密码,不指明主机,默认localhost
[root@station253 ~]# mysqladmin -uroot password 'redhat'
#第二次设置新密码,需要老密码验证
[root@station253 ~]# mysqladmin -uroot password '123456' -p
Enter password: redhat
#有密码时连接mysql
[root@station253 ~]# mysql -uroot -p
Enter password: 123456
mysql> use mysql;
Database changed
mysql> SELECT HOST,USER,PASSWORD from user;
+----------------------+------+-------------------------------------------+
| HOST | USER | PASSWORD |
+----------------------+------+-------------------------------------------+
| localhost | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
为用户[email protected],创建密码
[root@station253 ~]# mysqladmin -uroot -h127.0.0.1 password 'redhat'
mysqladmin: connect to server at '127.0.0.1' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'
修改[email protected]的密码被root@localhost用户阻止,-p 提供密码
[root@station253 ~]# mysqladmin -uroot -h127.0.0.1 password 'redhat' -p
Enter password: 123456
#修改的是localhost的密码
[root@station253 ~]# mysql -uroot -p
Enter password: redhat
mysql> use mysql;
Database changed
mysql> SELECT HOST,USER,PASSWORD from user; #表名严格区分大小写
+----------------------+------+-------------------------------------------+
| HOST | USER | PASSWORD |
+----------------------+------+-------------------------------------------+
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
但反解析127.0.0.1是指向localhost的,更改的还是root@localhost,[email protected]仍旧为空密码
第二种方式为用户[email protected],创建密码
mysql> SET PASSWORD FOR'root'@'127.0.0.1'=PASSWORD('redhat');
Query OK, 0 rows affected (0.00 sec)
mysql> SELECT HOST,USER,PASSWORD from user;
+----------------------+------+-------------------------------------------+
| HOST | USER | PASSWORD |
+----------------------+------+-------------------------------------------+
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| station253.example.com | root | |
| 127.0.0.1 | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
密码不是MD5加密,只是普通crypt函数加密,因此明文一样,密文也一样。
第三种方式
mysql> UPDATE user SET PASSWORD = PASSWORD('redhat') WHERE USER='root' and HOST='station253.example.com';
Query OK, 1 row affected (0.03 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> SELECT HOST,USER,PASSWORD from user;
+----------------------+------+-------------------------------------------+
| HOST | USER | PASSWORD |
+----------------------+------+-------------------------------------------+
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| station253.example.com | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| 127.0.0.1 | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
三个系统默认用户添加密码完成,删除匿名用户。
mysql> DROP USER''@localhost; #删除用户名为空
Query OK, 0 rows affected (0.00 sec)
mysql> delete from user where password=''; #删除密码为空
Query OK, 2 rows affected (0.00 sec)
mysql> SELECT HOST,USER,PASSWORD from user where password='';
Empty set (0.00 sec)
mysql> SELECT HOST,USER,PASSWORD from user;
+----------------------+------+-------------------------------------------+
| HOST | USER | PASSWORD |
+----------------------+------+-------------------------------------------+
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| station253.example.com | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| 127.0.0.1 | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
+----------------------+------+-------------------------------------------+
3 rows in set (0.00 sec)
重读授权表生效。
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
mysql> quit;
Bye
Windows远程客户端连接MySQL Server
但windows远程客户端仍旧不能远程连接,授权,但生产环境千万不要授权root用户远程登录。
[root@station253 ~]# mysql -uroot -predhat
mysql> update user set host='192.168.1.%' where host='127.0.0.1';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> grant all privileges on *.* to root@'192.168.1.%' identified by 'redhat';
Query OK, 0 rows affected (0.00 sec)
mysql> select host,user,password from user;
+----------------------+------+-------------------------------------------+
| host | user | password |
+----------------------+------+-------------------------------------------+
| localhost | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| station253.example.com | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
| 192.168.1.% | root | *84BB5DF4823DA319BBF86C99624479A198E6EEE9 |
+----------------------+------+-------------------------------------------+
4 rows in set (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
windows外接进来可以了。
mysql只需要允许本网段主机可访问数据库即可。
#########################################################
SQL的模式匹配允许你使用“_”匹配任何单个字符,而“%”匹配任意数目字符(包括零个字符)。