1.设置 MySQL root 用户暗码。
2.删除匿名用户。
3.禁止 root 用户远程登录。
4.删除测试数据库。
5.重新加载权限表。
以下是执行 mysql_secure_installation 的详细步调:
步调 1:启动 mysql_secure_installation 脚本
打开终端并执行以下下令:
sudo mysql_secure_installation
步调 2:输入当前的 MySQL root 暗码
假如这是第一次设置,MySQL root 用户没有暗码,你可以直接按 Enter 键。否则,输入当前的 root 暗码。
步调 3:设置新的 root 暗码
你会被扣问是否要设置新的 root 暗码。假如当前没有设置 root 暗码,建议设置一个强暗码。输入 Y 并按 Enter,然后按照提示设置暗码。
步调 4:删除匿名用户
删除匿名用户账户,防止未授权用户登录 MySQL。输入 Y 并按 Enter。
5:禁止 root 用户远程登录
为了提高安全性,建议禁止 root 用户远程登录。输入 Y 并按 Enter。
步调 6:删除测试数据库
删除默认安装的测试数据库,它可以被任何用户访问。输入 Y 并按 Enter。
步调 7:重新加载权限表
末了,重新加载权限表,以确保所有更改生效。输入 Y 并按 Enter。
完整示例
以下是一个完整的示例输出:
Securing the MySQL server deployment.
Enter password for user root: (输入当前的 root 暗码或直接按 Enter 假如没有暗码)
The existing password for the user account root has expired. Please set a new password.
New password: (输入新的 root 暗码)
Re-enter new password: (重新输入新的 root 暗码)
VALIDATE PASSWORD PLUGIN can be used to test passwords and improve security.
It checks the strength of password and allows the users to set only those passwords which are secure enough.
Would you like to setup VALIDATE PASSWORD plugin?
Press y|Y for Yes, any other key for No: Y (根据必要选择是否启用暗码验证插件)
Please set the password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 1 (选择暗码验证策略)
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : N (假如刚刚设置了暗码,这里选择 N)
… skipping.
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
production environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y (删除匿名用户)
Success.
Normally, root should only be allowed to connect from ‘localhost’. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y (禁止 root 用户远程登录)
Success.
By default, MySQL comes with a database named ‘test’ that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y (删除测试数据库)
- Dropping test database…
Success.
- Removing privileges on test database…
Success.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y (重新加载权限表)
Success.
All done!
你已经乐成执行了 mysql_secure_installation 并提高了 MySQL 服务器的安全性。
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。 |