1. 安装 mysql-server
$ apt-cache madison mysql-server # 查看可使用的版本
mysql-server | 8.0.41-0ubuntu0.24.04.1 | http://archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages
mysql-server | 8.0.41-0ubuntu0.24.04.1 | http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages
mysql-server | 8.0.36-2ubuntu3 | http://archive.ubuntu.com/ubuntu noble/main amd64 Packages
$ apt install mysql-server -y # 安装 mysql-server2. mysql 初始化配置
// 执行安全初始化(可选)
$ mysql_secure_installation
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
# 是否设置密码验证组件?
Press y|Y for Yes, any other key for No: y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
# 选择密码强度,1 数字、大小写混合以及特殊字符
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1
Skipping password set for root as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https://dev.mysql.com/doc/refman/8.0/en/alter-user.html#alter-user-password-management for more information.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
# 是否移除匿名用户?
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
# 禁止 root 用户远程登录 ?
Disallow root login remotely? (Press y|Y for Yes, any other key for No) :
... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
# 移除 test 数据库?
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
# 现在重新加载权限表吗?
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.
All done!// 设置 root@localhost 的密码
$ mysql -u root -p # 之后会提示输入 root 用户的密码,如无,直接回车
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'Xiodi.cn123';
mysql> FLUSH PRIVILEGES;
mysql> EXIT;注意:密码必须包含大小写和数字,这是前面安全初始化的时候定义的。
// 配置监听地址,以允许远程连接
$ sed -i 's/^bind-address.*$/bind-address = 0.0.0.0/' /etc/mysql/mysql.conf.d/mysqld.cnf
$ systemctl restart mysql3. 创建用户
// 创建可以远程登录的 root 用户
mysql> CREATE USER 'root'@'%' IDENTIFIED BY 'Xiodi.cn1234';
mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY 'Xiodi.cn1234';// 查看所有用户和权限
mysql> SELECT host, user, select_priv, insert_priv, drop_priv, update_priv, authentication_string FROM mysql.user;4. 忘记密码
// 跳过安全认证,设置密码
$ echo "skip-grant-tables" >> /etc/mysql/mysql.conf.d/mysqld.cnf
$ systemctl restart mysql
$ mysql -u root # 不在需要密码
mysql> ALTER USER 'root'@'localhost' IDENTIFIED WITH caching_sha2_password BY 'Xiodi.cn123';
mysql> FLUSH PRIVILEGES;
mysql> EXIT;// 恢复配置
$ sed -i '/skip-grant-tables/d' /etc/mysql/mysql.conf.d/mysqld.cnf
$ systemctl restart mysql作者:jackzang 创建时间:2025-02-26 13:35
最后编辑:jackzang 更新时间:2025-02-26 14:59
最后编辑:jackzang 更新时间:2025-02-26 14:59
