Database Reference
In-Depth Information
More on Passwords and Removing Anonymous Users
Privileges in MySQL are set based ona combination of the user's name and the user's
host. For instance, the user root is allowed to do everything from the localhost, but very
little or nothing from a remote location. This is for security. Therefore, there may be more
than one username/host combination for root . Using mysqladmin , you changed the pass-
word forrooton the localhost, as you would have executed it while logged into the server
where MySQL is located locally. Now you should set the password for all of the user-
name/host combinations for root . To get a list of username and host combinations on the
server, execute the following from the command line:
mysql -u root -p -e "SELECT User,Host FROM mysql.user;"
+------+-----------------------+
| User | Host |
+------+-----------------------+
| root | 127.0.0.1 |
| root | localhost |
| root | % |
| | localhost |
+------+-----------------------+
If this didn't work for you, it may be that you don't have the mysql client in your com-
mand path. You may have to preface mysql with /bin/ or /usr/bin/ , or the path for wherever
the binary files for MySQL are installed. The command will be the same for MariaDB.
The results here are contrived. It's unlikely you will see exactly these results. But there are
versions of MySQL whose host for root is % , which is a wildcard meaning any host. This
is not good for security, because it allows anybody to claim to be root and to gain access
from any location. And there have been versions of MySQL in which the username is left
blank, meaning that any username from the localhost is accepted. This is an anonym-
ous user. All of the users you will see in the results, though, will initially have no pass-
word. You should delete any unnecessary users and set passwords for those that you want
to keep. Although 127.0.0.1 and localhost translate to the same host, the password
should be changed for both. To change the root user's password for the first two entries
shown in the previous example and to delete the second two user/host combinations
shown, you would enter the following at the command prompt:
mysql -u root -p -e "SET PASSWORD FOR 'root'@'127.0.0.1'
PASSWORD(' new_pwd ');"
mysql -u root -p -e "SET PASSWORD FOR 'root'@'localhost'
PASSWORD(' new_pwd ');"
mysql -u root -p -e "DROP USER 'root'@'%';"
mysql -u root -p -e "DROP USER ''@'localhost';"
Search WWH ::




Custom Search