Mysql 5.7 root密码重置(centos 7)

发表于 |

mysql 5.7版本之后,安装以后启动时会进行随机密码的设定。

输入以下命令可查询root用户的初始密码:

1
-> grep password /var/log/mysqld.log

如果密码设置过之后又忘记了,可以在配置文件/etc/my.cnf中加入

1
skip-grant-tables=1

然后重启mysql

1
2
3
4
[root@luo ~]# mysql
mysql> use mysql
mysql> update user set authentication_string = password("123456") where user="root";
mysql> flush privileges;

然后将/etc/my.cnf中的skip-grant-tables=1注释掉,重启mysql服务

mysql密码难度修改

mysql密码修改为123456之后,有人发现使用123456能进入mysql,但是却不能使用mysql的任何功能。会出现如下情况:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[root@luo ~]# mysql -uroot -p123456
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 4
Server version: 5.7.19

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show databases;
ERROR 1820 (HY000): You must reset your password using ALTER USER statement before executing this statement.

实际上,在初始更改root密码时,并不能直接使用update来更改,需要使用alter user命令来更改

alter user 'root'@'localhost' identified by '123456';
1
2
3
4
5
6
7
8
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
## mysql在5.7版本中加了密码安全等级,弱密码不能使用

mysql> alter user 'root'@'localhost' identified by 'QWEqwe123!@#';
Query OK, 0 rows affected (0.00 sec)

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql 安全策略以及root密码清空

在上述修改密码之后,可查看mysql的密码安全策略

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
[root@luo ~]# mysql -uroot -p'QWEqwe123!@#'
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 6
Server version: 5.7.19 MySQL Community Server (GPL)

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> show variables like '%password%';
+---------------------------------------+--------+
| Variable_name                         | Value  |
+---------------------------------------+--------+
| default_password_lifetime             | 0      |
| disconnect_on_expired_password        | ON     |
| log_builtin_as_identified_by_password | OFF    |
| mysql_native_password_proxy_users     | OFF    |
| old_passwords                         | 0      |
| report_password                       |        |
| sha256_password_proxy_users           | OFF    |
| validate_password_check_user_name     | OFF    |
| validate_password_dictionary_file     |        |
| validate_password_length              | 8      |
| validate_password_mixed_case_count    | 1      |
| validate_password_number_count        | 1      |
| validate_password_policy              | MEDIUM |
| validate_password_special_char_count  | 1      |
+---------------------------------------+--------+
14 rows in set (0.00 sec)

想要永久修改配置,需要编辑my.cnf配置文件,在mysqld下面加入“validate-password=0”,然后重启mysql

1
2
3
4
5
6
7
8
[root@luo ~]# grep -v ^# /etc/my.cnf  | grep -v ^$
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
validate-password=0
symbolic-links=0
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid

将mysql的密码安全等级降低之后,可以将root密码修改回来

1
2
3
4
5
6
7
8
9
10
11
12
13
mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> update user set authentication_string = password("") where user="root";
Query OK, 1 row affected (0.00 sec)
Rows matched: 1  Changed: 1  Warnings: 0

mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)

mysql> exit;

以上密码root即清除为空了。使用mysql即可直接进入mysql,当然生产环境中不推荐此种做法