...
Log on as the MySQL root user in session #1.
Code Block |
---|
mysql -u root -p |
In the second shell (after successfully logging in above) run the below command, substituting YOUR_NEW_ROOT_PASSWORD.
Code Block |
---|
mysql -u root -p -e "USE mysql; SET PASSWORD FOR 'root'@'localhost' = password('YOUR_NEW_ROOT_PASSWORD'); FLUSH PRIVILEGES; |
Now try to log in using that same (second) shell.
Code Block |
---|
mysql -u root -pYOUR_NEW_ROOT_PASSWORD |
If you can log in, you're all done!
...
Code Block |
---|
SELECT User, Host, Password FROM mysql.user; |
And change the SET PASSWORD command above to reflect the Host value in the second session.
Restricting MySQL to localhost
...
On some Linux distributions, you might find MySQL listening on all IP addresses. Unless you have a specific reason for this, it is very much recommended to restrict this to localhost.
You can check the listening address by running the below command.
For Debian and Ubuntu
Code Block |
---|
sudo grep -R bind /etc/mysql/ |
For Redhat and Centos
Code Block |
---|
sudo grep -R bind /etc/my.cnf.d/ |
If you don't get a result, try runnig the below netstat command.
Code Block |
---|
sudo netstat -lntup | grep mysqld |
If you see an IP address of 0.0.0.0 with a port of (usually) 3306 (as below), this means MySQL is listening on all available IPs.
Code Block |
---|
root@dev:/etc/mysql# sudo netstat -lntup | grep mysqld tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 8491/mysqld |
You should configure the bind-address to be 127.0.0.1 in:
Debian / Ubuntu: /etc/mysql/mariadb.conf.d/50-server.cnf
Redhat / Centos: /etc/my.cnf.d/server.cnf
Code Block |
---|
bind-address = 127.0.0.1 |
Credentials Encryption Key
...