[Ubuntu -- MySQL] Can I log on to MySQL without verification?

Source: Internet
Author: User

Configure MySQL password in Ubuntu

System Environment:
Linux Ubuntu 3.5.0-27-generic # 46-ubuntu SMP mon Mar 25 20:00:05 UTC 2013 i686 i686 i686 GNU/Linux
MySQL ver 14.14 distrib 5.5.29, for Debian-Linux-GNU (i686) using Readline 6.2

After MySQL is installed, you are not allowed to connect to a password...
Is there a default password or what is going on?
Try it now
Lzz @ Ubuntu:/var/lib/dpkg/INFO $ sudo mysql-u root-P
Enter password:
Welcome to the MySQL monitor. commands end with; or \ G.
Your MySQL connection ID is 45
Server version: 5.5.29-0ubuntu0. 12.10.1 (UBUNTU)

Come in. (In fact, the password has been set this time... I still don't know what's going on. I won't be able to get in the next time I enter without a password)

Lzz @ Ubuntu:/var/lib/dpkg/INFO $ mysql
Welcome to the MySQL monitor. commands end with; or \ G.
Your MySQL connection ID is 46
Server version: 5.5.29-0ubuntu0. 12.10.1 (UBUNTU)

Also come in. What is the difference between passwords? Check the information to see what is going on.

It turns out that there is a default user and password.
Lzz @ Ubuntu:/etc/MySQL $ sudo cat Debian. CNF
# Automatically generated for Debian scripts. Do not touch!
[Client]
Host = localhost
User = Debian-sys-Maint
Password = iyeuej0gy5ml42l5
Socket =/var/run/mysqld. Sock
[Mysql_upgrade]
Host = localhost
User = Debian-sys-Maint
Password = iyeuej0gy5ml42l5
Socket =/var/run/mysqld. Sock
Basedir =/usr

Find this post:
Installation Security:
The default is terrible.
Hack MYSQL:

MySQL is installed by default, and super users can log on without a password
Anonymous Access
Provide superuser and password in the configuration file
Shell with password login, history file
Unauthorized users can access the MySQL permission table: the entire MySQL database
Can start and stop the mysqld process, and can reset the password: -- skip-grant-tables
Brute force check
The application uses a plaintext password, and the user may have certain privileges.
Damage MYSQL:
CPU stealing cycle: Select MD5 (A. C), MD5 (B. C) from a, B order by rand ();
Forced disk I/O: Set session tmp_table_size = 1024*4;

Anonymous Access

Minimum: $ mysql_secure_installation
Remove anonymous users
Remove test database
Remove non-localhost Root User
Set Root Password

For MySQL, a simple operation such as adding, deleting, and so on will be performed at the beginning, and Oracle will be involved. user permission management is a big problem and should be standardized. check whether there are related installation and configuration specifications later.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.