Mysql (MariaDB 10.0.29): 设置root密码，但仍然可以不询问密码登录?

Mysql (MariaDB 10.0.29): Set root password, but still can login without asking password?(Mysql (MariaDB 10.0.29): 设置root密码，但仍然可以不询问密码登录?)

问题描述

我想通过设置 root 密码来保护 mysql.我成功重置了root密码:

I want to secure mysql by setting root password. I reset root password successfully:

MariaDB [(none)]> select Host, User, Password from mysql.user;
+-----------+------+-------------------------------------------+
| Host      | User | Password                                  |
+-----------+------+-------------------------------------------+
| localhost | root | *58319282EAB9E38D49CA25844B73DA62C80C2ABC |
+-----------+------+-------------------------------------------+
1 row in set (0.00 sec)

但是，在刷新权限后，重新启动 Mysql，我仍然可以在不输入密码的情况下登录 mysql(在本地主机上).

But, after flush privileges, restart Mysql, I can still login mysql (on local host) without typing password.

root@myhost:/# mysql
Welcome to the MariaDB monitor.  Commands end with ; or g.
Your MariaDB connection id is 10
Server version: 10.0.29-MariaDB SLE 12 SP1 package

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.

MariaDB [(none)]> 

如何强制mysql在连接时询问密码?谢谢！

How can I force mysql asking password when connect ? Thanks !

推荐答案

在 MySQL 表中有一个名为 plugin 的列:

On MySQL table you have a column called plugin:

MariaDB [(none)]> SELECT host, user, password, plugin FROM mysql.user LIMIT 0,1;
+-----------+------+-------------------------------------------+--------+
| host      | user | password                                  | plugin |
+-----------+------+-------------------------------------------+--------+
| localhost | root | *                                         |        |
+-----------+------+-------------------------------------------+--------+
1 row in set (0.00 sec)

如果我没记错的话，mariaDB 安装的默认插件是console"或unix_socket"，这个插件允许你在没有密码的情况下从控制台输入.但也禁用密码验证，并且您无法从其他客户端连接.

If I remember correctly the default plugin for mariaDB installations are 'console' or 'unix_socket', and this plugin allows you to enter without password, from console. But also disable authentication with password, and you cannot connect from another clients.

只需使用空 ('') 值更新插件字段，然后使用 FLUSH PRIVILEGES；

Simply update the plugin field with empty ('') value, and then, use FLUSH PRIVILEGES;

SET PASSWORD FOR 'root'@'localhost' = PASSWORD('MyNewPass');
UPDATE mysql.user SET plugin = '' WHERE user = 'root' AND host = 'localhost';
FLUSH PRIVILEGES;

有了这个，问题就解决了.

With this, you have the problem solved.

这篇关于Mysql (MariaDB 10.0.29): 设置root密码，但仍然可以不询问密码登录?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持编程学习网！