快捷導(dǎo)航

MySQL安全配置向?qū)ysql_secure_installation詳解

更新時(shí)間：2014年03月06日 09:02:54 投稿：junjie

這篇文章主要介紹了MySQL安全配置向?qū)ysql_secure_installation各項(xiàng)配置的含義,并依據(jù)經(jīng)驗(yàn)給予一了一些建議,需要的朋友可以參考下

安裝完mysql-server 會(huì)提示可以運(yùn)行mysql_secure_installation。運(yùn)行mysql_secure_installation會(huì)執(zhí)行幾個(gè)設(shè)置：
a)為root用戶設(shè)置密碼
b)刪除匿名賬號(hào)
c)取消root用戶遠(yuǎn)程登錄
d)刪除test庫(kù)和對(duì)test庫(kù)的訪問(wèn)權(quán)限
e)刷新授權(quán)表使修改生效

通過(guò)這幾項(xiàng)的設(shè)置能夠提高mysql庫(kù)的安全。建議生產(chǎn)環(huán)境中mysql安裝這完成后一定要運(yùn)行一次mysql_secure_installation，詳細(xì)步驟請(qǐng)參看下面的命令:

復(fù)制代碼代碼如下:

[root@server1 ~]# mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL

SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!

In order to log into MySQL to secure it, we'll need the current

password for the root user. If you've just installed MySQL, and

you haven't set the root password yet, the password will be blank,

so you should just press enter here.

Enter current password for root (enter for none):<–初次運(yùn)行直接回車(chē)

OK, successfully used password, moving on…

Setting the root password ensures that nobody can log into the MySQL

root user without the proper authorisation.

Set root password? [Y/n] <– 是否設(shè)置root用戶密碼，輸入y并回車(chē)或直接回車(chē)

New password: <– 設(shè)置root用戶的密碼

Re-enter new password: <– 再輸入一次你設(shè)置的密碼

Password updated successfully!

Reloading privilege tables..

… Success!

By default, a MySQL installation has an anonymous user, allowing anyone

to log into MySQL without having to have a user account created for

them. This is intended only for testing, and to make the installation

go a bit smoother. You should remove them before moving into a

production environment.

Remove anonymous users? [Y/n] <– 是否刪除匿名用戶,生產(chǎn)環(huán)境建議刪除，所以直接回車(chē)

… Success!

Normally, root should only be allowed to connect from 'localhost'. This

ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] <–是否禁止root遠(yuǎn)程登錄,根據(jù)自己的需求選擇Y/n并回車(chē),建議禁止

… Success!

By default, MySQL comes with a database named 'test' that anyone can

access. This is also intended only for testing, and should be removed

before moving into a production environment.

Remove test database and access to it? [Y/n] <– 是否刪除test數(shù)據(jù)庫(kù),直接回車(chē)

- Dropping test database…

… Success!

- Removing privileges on test database…

… Success!

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

Reload privilege tables now? [Y/n] <– 是否重新加載權(quán)限表，直接回車(chē)

… Success!

Cleaning up…

All done! If you've completed all of the above steps, your MySQL

installation should now be secure.

Thanks for using MySQL!

[root@server1 ~]#