工具mysql_secure_installation检查和去除安全隐患

mysql_secure_installation用来提高mysql的安全性:

官网说明如下:

This program enables you to improve the security of your MySQL installation in the following ways:

  • You can set a password for root accounts.

  • You can remove root accounts that are accessible from outside the local host.

  • You can remove anonymous-user accounts.

  • You can remove the test database (which by default can be accessed by all users, even anonymous users), and privileges that permit anyone to access databases with names that start with test_.

1.安装密码验证插件

2.修改基于密码规则的新密码

3.删除匿名用名

4.关闭root的远程连接

5.删除测试数据库

[root@qht131 ~]# mysql_secure_installation
mysql_secure_installation: [ERROR] unknown option '--no-auto-rehash'

Securing the MySQL server deployment.

Connecting to MySQL server using password in '/root/.mysql_secret'
Error: Access denied for user 'root'@'localhost' (using password: YES)
[root@qht131 ~]# mysql_secure_installation -p
mysql_secure_installation: [ERROR] unknown option '--no-auto-rehash'
Enter password:

Securing the MySQL server deployment.


VALIDATE PASSWORD PLUGIN can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD plugin?

Press y|Y for Yes, any other key for No: n
Using existing password for root.
Change the password for root ? ((Press y|Y for Yes, any other key for No) : n

 ... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : n

 ... skipping.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n

 ... skipping.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : n

 ... skipping.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : n

 ... skipping.
All done!

文章来源: 工具mysql_secure_installation检查和去除安全隐患

人吐槽 人点赞

猜你喜欢

发表评论

用户名: 密码:
验证码: 匿名发表

你可以使用这些语言

查看评论:工具mysql_secure_installation检查和去除安全隐患