Mysql – How to change the password for root@127.0.0.1 and root@example.com

MySQLpassword-protectedroot

I was looking at the users in my mysql.user table and noticed that there are 3 roots.

root@localhost
root@127.0.0.1
root@example.com

When I first discovered this none of the roots were password protected. I managed to password protect root@localhost but I can't figure out how to password protect the other two. How would I do this via the command line?

Thanks for any help.

Best Answer

SQL Query:

update user set password=PASSWORD("NEWPASSWORD") where User='root' AND Host="127.0.0.1";
update user set password=PASSWORD("NEWPASSWORD") where User='root' AND Host="example.com";

Related Solutions

Debian MySQL User – What is the debian-sys-maint MySQL User?

What is debian-sys-maint used for?

One major thing it is used for is telling the server to roll the logs. It needs at least the reload and shutdown privilege.

See the file /etc/logrotate.d/mysql-server

It is used by the /etc/init.d/mysql script to get the status of the server. It is used to gracefully shutdown/reload the server.

Here is the quote from the README.Debian

* MYSQL WON'T START OR STOP?:
=============================
You may never ever delete the special mysql user "debian-sys-maint". This user
together with the credentials in /etc/mysql/debian.cnf are used by the init
scripts to stop the server as they would require knowledge of the mysql root
users password else.

What is the easiest way to restore it after I've lost it?

The best plan is to simply not lose it. If you really lose the password, reset it, using another account. If you have lost all admin privileges on the mysql server follow the guides to reset the root password, then repair the debian-sys-maint.

You could use a command like this to build a SQL file that you can use later to recreate the account.

mysqldump --complete-insert --extended-insert=0 -u root -p mysql | grep 'debian-sys-maint' > debian_user.sql

Is the password in /etc/mysql/debian.cnf already hashed

The password is not hashed/encrypted when installed, but new versions of mysql now have a way to encrypt the credentials (see: https://serverfault.com/a/750363).

Mysql – Creating new MySQL user… password and privileges not sticking

You have an anonymose user for localhost and that anonymous user don't have any password.

It is necessary to have both (% and localhost) accounts for your myuser to be able to connect from anywhere as myuser. Without the localhost account, the anonymous user account for localhost that is created by mysql_install_db would take precedence when myuser connects from the localhost. As a result, myuser would be treated as an anonymous user. The reason for this is that the anonymous-user account has a more specific Host column value than the myuser'@'%' account and thus comes earlier in the user table sort order.

About sort order:

The server uses sorting rules that order rows with the most-specific Host values first. Literal host names and IP addresses are the most specific. (The specificity of a literal IP address is not affected by whether it has a netmask, so for example 192.168.1.13 and 192.168.1.0/255.255.255.0 are considered equally specific.) The pattern '%' means "any host" and is least specific. The empty string '' also means "any host" but sorts after '%'. Rows with the same Host value are ordered with the most-specific User values first (a blank User value means "any user" and is least specific).

So mysql is considering your myuser as an anonymous user and since the anonymous user for localhost don't have any password, it is able to login without password.

To resolve your issue, you just need to create a localhost user for your myuser with password

Best Answer

Related Solutions

Debian MySQL User – What is the debian-sys-maint MySQL User?

Mysql – Creating new MySQL user… password and privileges not sticking

Related Topic