FAQ:MySQL
MySQL 忘记并重置密码
步骤:
- 无密码模式启动 MySQL;
- 连接并修改密码;
设置跳过权限验证
MySQL 5.7 :
- 修改配置文件(“my.ini”或“/etc/my.cnf”):
[mysqld] ... # 跳过权限验证 skip-grant-tables
- 重启服务器;
- 连接到 MySQL;
MySQL 8+ :
- 停止服务;
- 命令行执行“mysqld --console --skip-grant-tables --shared-memory”(保持窗口);
- 连接到 MySQL;
- 修改配置文件的方式(“skip-grant-tables”)已失效,服务启动后马上停止!
- 此方式连接时会出现“2003 - can't connect to mysql server on 'localhost' (10060 "Unknown error") ”
修改密码:
use mysql; flush privileges; alter user 'root'@'localhost' identified by '@eijux'; flush privileges;
- 修改密码前先刷新权限,避免“1290 - The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement”问题;
- 通过“password_last_changed”(密码修改时间)字段,可以确定修改是否成功;
密码相关
密码字段:
- MySQL 5.7 以前:“PASSWORD”字段;
- MySQL 5.7 以后:“authentication_string”字段;
认证插件:【默认插件设置在配置文件中】
- MySQL 5.7:默认“mysql_native_password”;
- MySQL 8:默认“caching_sha2_password”,可选“mysql_native_password”;
更新密码:
- MySQL 5.7:
# 以下等效: UPDATE mysql.user SET authentication_string=PASSWORD('@eijux') WHERE user='root' and host='localhost'; UPDATE mysql.user SET authentication_string=UPPER(CONCAT('*',SHA1(UNHEX(SHA1('@eijux'))))) WHERE user='root' and host='localhost'; alter mysql.user 'root'@'localhost' identified by '@eijux';
- MySQL 8:
# 使用配置的认证插件加密 alter mysql.user 'root'@'localhost' identified by '@eijux'; # 使用“mysql_native_password”加密: alter mysql.user 'root'@'localhost' identified with mysql_native_password by '@eijux'; # 使用“caching_sha2_password”加密: alter mysql.user 'root'@'localhost' identified with caching_sha2_password by '@eijux';
错误信息
“1045-Access denied for user 'root'@'localhost'(using password:YES)”
如果连接到 MySQL 时出现该提示,即 root 用户对于 localhost 之外的连接被拒绝,需要修改其 host 为“%”:
use mysql;
update user set host = '%' where user = 'root';
flush privileges;
“1290 - The MySQL server is running with the --skip-grant-tables option so it cannot execute this statement”
执行权限相关命令时出现该提示,则需要在该命令前先执行:
flush privileges;
思路:
- 密码丢失,必须采用无密码启动的方式进入系统,才能进行修改密码操作;
- (Mysql5.7+)password字段和password()函数,密码为authentication_string字段;
- mysql8.0之前的版本加密规则是 mysql_native_password,8.0之后是caching_sha2_password;
步骤:
- 修改配置文件
vim /etc/my.cnf,添加skip-grant-tables(跳过权限验证); - 重启mysql服务:
systemctl restart mysqld; - mysql登录(无需密码):
mysql -uroot -p; - 刷新权限表:
flush privileges;; - 重置密码:
use mysql; alter user 'root'@'localhost' identified by 'newpassword';
- 重置配置文件
vim /etc/my.cnf,删除skip-grant-table; - 重启mysql服务:
systemctl restart mysqld;
其他:
- MySQL5.7更新密码:
UPDATE mysql.user SET authentication_string=PASSWORD('newpassword') WHERE user='root' and host='localhost';
UPDATE mysql.user SET authentication_string=UPPER(CONCAT('*',SHA1(UNHEX(SHA1('admin'))))) WHERE user='root' and host='localhost';
PASSWORD('admin')等同UPPER(CONCAT('*',SHA1(UNHEX(SHA1('admin'))))),等于字符串“*4ACFE3202A5FF5CF467898FC58AAB1D615029441”。
- Linux服务操作
systemctl start mysqld //开启服务 systemctl stop mysqld //停止服务 systemctl restart mysqld //重启服务 systemctl status mysqld //服务状态查看
- 查看用户相关信息:
select host, user, authentication_string, plugin from user;
- host:用户登录方式,
'localhost'本地登录,'%'可远程登录; - authentication_string:用户密码;
- plugin:密码加密方式;
- (用指定加密方式)更改用户密码:
alter mysql.user 'root'@'localhost' identified with caching_sha2_password by 'newpassword';
alter mysql.user 'root'@'localhost' identified with mysql_native_password by 'newpassword';
- 命令行方式无密码启动MySQL(不修改配置文件):【???】
- 停止MySQL服务;
- 命令行启动Mysql:
mysqld --console --skip-grant-tables --shared-memory
- (进入mysql后)把 authentication_string 设置为空,所以可以免密码登录【???】:
update mysql.user set authentication_string='' where user='root';
- 查看MySQL密码校验相关设置:
SHOW VARIABLES LIKE 'validate_password.%';
- 修改密码策略:
set global validate_password.length = 6; //密码长度 set global validate_password.policy = 'LOW'; //密码策略级别 FLUSH PRIVILEGES; //刷新权限