Old boy Education day: March 13, 2017-How do I prevent MySQL login passwords from being compromised in Linux command lines or scripts?

no less than 3 different methods.

Knowing undeterred's solution:

1.1.1can be enforced by the following environment variablesLinuxdo not log sensitive history commands

executing at the command line Histcontrol=ignorespace , and then enter the command with a password in front of a space to log in, the login command will not be recorded in the history record.

[[Email protected]~]# histcontrol=ignorespace

#<== here is a temporary entry into force, in order to be permanent, please put /ETC/BASHRC .

[Email protected]~]# mysql-uroot-p ' oldboy123 '

#<== One more space at the beginning of the command.

1.1.2the command line record can be deleted in a timely manner after the sensitive command is done

Execution "History-d History Command Sequence number " clears the specified history command

[[Email protected]~]# history|tail-4

#<== Displays the history record.

252 mysql-uroot-p ' oldboy123 '

#<== This strip password, sensitive, pending deletion.

253 pwd 254 History 255 History|tail-4[[email protected]~]# history-d 252

#<== Remove the sequence number as 252 History of the data.

[Email protected]~]# history|tail-5 252 pwd

#<== Serial Number 252 The corresponding command with password login has disappeared.

253 history 254 History|tail-4 255 history-d 252 [history|tail-5] perform "history-c" to clear all records [[Email protected]~]# histo Ry-c[[email protected]~]# Historical 1 History perform ">~/.bash_history" purge the Chronicle file

1.1.3the boot script with the password and the backup script are added thepermissions, users and groups are changed toRoot.

chmod 700/data/3306/mysql

#<== can be used Kill the closed-mode database of the signal, thereby preventing password leaks.

chmod 700/server/scripts/bak.sh

#<== Write password to my.cnf configuration file so that no password is required to execute the backup command.

1.1.4Write the passwordmy.cnfconfiguration file and add thepermissions, users and groups are changed toMySQL.

[[Email protected]~]# cp/application/mysql/my.cnf/etc/[[email protected]~]# grep-a 2 client/etc/my.cnf

#<== Add the following three lines at the beginning of the configuration file without rebooting the system.

[Client]

#<== Client module tags.

User=root

#<== user parameters and passwords.

Password=oldboy123

#<== Password parameters and password.

[Email protected]~]# MySQL

#<== you don't have to enter a password to log into the database at this time.

Welcometo the MySQL Monitor. Commands Endwith; or \g.yourmysql connection ID is 8serverversion:5.6.34 Source distribution ... Omit several lines ... Type ' help ', ' or ' \h ' for help. Type ' \c ' to clearthe current input statement.mysql>

The way to know that there are tigers on the Hill:

[[Email protected]~]# mysql-uroot-p

#<== here the Standard DBA command line login command, interactive input password can effectively prevent password leakage.

Enter Password:

650) this.width=650; "border=" 0 "src=" http://a3.qpic.cn/psb?/V13TZzNY3ZQEre/ Cuftwixzrsgalsbradosmx6rkiffeohjxp3rddvbkfu!/b/dgcbaaaaaaaa&bo=gak9aaaaaaadbx0 "alt=" Old boy Training Exchange Group 09-2k "Title=" Old boy Training Exchange Group 09-2k "/>

This article is from the "Lee blog" blog, make sure to keep this source http://lidao.blog.51cto.com/3388056/1912536

Old boy Education day: March 13, 2017-How do I prevent MySQL login passwords from being compromised in Linux command lines or scripts?