Mysql – thesql_secure_installation doesnt set root password

MySQLubuntu-18.04

I am running Ubuntu 18.04 (Server version: 5.7.28-0ubuntu0.18.04.4 (Ubuntu)) and have done a fresh mysql installation. I've used mysql_secure_installation and set a root password. However when I then go (logged in as root) mysql -u root -p and enter a blank password I am still able to login to the MySQL server. I've done flush privileges, I've tried Unable to set mysql root password and I notice a similar (but unanswered) issue here: mysql_secure_installation on Ubuntu 16.04 doesn't set the root pass.

Why would MySQL not store/save the root password? Interestingly if I try to connect as a non-root user I am not able to connect with empty OR the password.

Best Answer

So it turns out that MySQL 5.7 now allows a user of the same name to access MySQL if the authentication type is "auth_socket". I'm personally not a fan - so the solution was found here:

https://www.percona.com/blog/2016/03/16/change-user-password-in-mysql-5-7-with-plugin-auth_socket/

Related Solutions

Debian MySQL User – What is the debian-sys-maint MySQL User?

What is debian-sys-maint used for?

One major thing it is used for is telling the server to roll the logs. It needs at least the reload and shutdown privilege.

See the file /etc/logrotate.d/mysql-server

It is used by the /etc/init.d/mysql script to get the status of the server. It is used to gracefully shutdown/reload the server.

Here is the quote from the README.Debian

* MYSQL WON'T START OR STOP?:
=============================
You may never ever delete the special mysql user "debian-sys-maint". This user
together with the credentials in /etc/mysql/debian.cnf are used by the init
scripts to stop the server as they would require knowledge of the mysql root
users password else.

What is the easiest way to restore it after I've lost it?

The best plan is to simply not lose it. If you really lose the password, reset it, using another account. If you have lost all admin privileges on the mysql server follow the guides to reset the root password, then repair the debian-sys-maint.

You could use a command like this to build a SQL file that you can use later to recreate the account.

mysqldump --complete-insert --extended-insert=0 -u root -p mysql | grep 'debian-sys-maint' > debian_user.sql

Is the password in /etc/mysql/debian.cnf already hashed

The password is not hashed/encrypted when installed, but new versions of mysql now have a way to encrypt the credentials (see: https://serverfault.com/a/750363).

Mysql – How to set password for phpMyAdmin with default install of WAMP2

The file that you want to take a look at is config.inc.php which should be in the root directory of your phpMyAdmin folder, for information on the settings you can put in this file take a look at http://wiki.phpmyadmin.net/pma/Quick_Install#Manually.

For a very basic config file, backup the old one, and create a new one with the following contents

<?php
// use here a value of your choice (maximum 46 characters):
$cfg['blowfish_secret'] = 'a8b7c6d';    

$i = 0;
$i++;

// 'cookie' (or 'http' , especially if mcrypt could not be loaded,
// but cookie giving more meaningful error messages in the testing phase)
// older PHP versions had some problems with "cookie" on 64 bit boxes though
$cfg['Servers'][$i]['auth_type'] = 'cookie';

// PHP 5 support for new MySQL 4.1.3+ features:
$cfg['Servers'][$i]['extension'] = 'mysqli';

// if you insist on "root" having no password, pma3 needs: 
$cfg['Servers'][$i]['AllowNoPasswordRoot'] = true; 
?>

Best Answer

Related Solutions

Debian MySQL User – What is the debian-sys-maint MySQL User?

Mysql – How to set password for phpMyAdmin with default install of WAMP2

Related Topic