Mariadb遠端登陸配置及問題解決
前言:
安裝過程不再贅述,直接說問題,mysql的遠端連線需要解決兩個問題:1.允許root使用者遠端連線。2.允許任意ip遠端連線資料庫。當然,在測試和解決問題之前,得首先保證你的資料庫與遠端主機之間的網路通訊沒有問題,簡單的來說,就是互相ping通,其次,為了避免防火牆的干擾,將本地主機和資料庫主機的防火牆都關閉,當然,生產環境下防火牆肯定是要開啟的,並且需要額外的安全配置。
問題解決:
1.新安裝的資料庫預設是需要初始化的,在資料庫服務啟動的情況下,使用下面的命令來進行初始化。
[root@localhost ~]# mysql_secure_installation New password: Re-enter new password: Password updated successfully! Reloading privilege tables.. ... Success! By default,a MariaDB installation has an anonymous user,allowing anyone to log into MariaDB without having to have a user account created for them. This is intended only for testing,and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users? [Y/n] ... Success! Normally,root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely? [Y/n] n #如果是為root使用者配置遠端登陸,這裡需要選擇n,不選擇禁止root使用者遠端登陸,別的選擇都無關緊要。 ... skipping. By default,MariaDB comes with a database named 'test' that anyone can access. This is also intended only for testing,and should be removed before moving into a production environment. Remove test database and access to it? [Y/n] - Dropping test database... ... Success! - Removing privileges on test database... ... Success! Reloading the privilege tables will ensure that all changes made so far will take effect immediately. Reload privilege tables now? [Y/n] ... Success! Cleaning up... All done! If you've completed all of the above steps,your MariaDB installation should now be secure. Thanks for using MariaDB![root@localhost ~]# systemctl restart mariadb #完成初始化之後,重啟服務。
2.允許root使用者遠端連線與允許任意ip遠端連線資料庫都是可以通過在資料庫裡執行一條命令來實現的。
這裡分為兩種情況:
1)新建admin使用者遠端連線mysql資料庫(新建任意使用者,以admin為例)
grant all on *.* to admin@'%' identified by '123456' with grant option;
flush privileges;
允許任何ip地址(%表示允許任何ip地址)的電腦用admin帳戶和密碼(123456)來訪問這個mysql server。
注意admin賬戶不一定要存在。
2)支援root使用者允許遠端連線mysql資料庫
grant all privileges on *.* to 'root'@'%' identified by '123456' with grant option;
flush privileges;
需要注意的是,為root使用者配置遠端登陸,密碼需要和之前配置的密碼一致。
3.ubuntu系統的額外配置。
Ubuntu系統的my.cnf檔案在vim /etc/mysql/mysql.conf.d/mysqld.cnf中,註釋掉其中的
bind-address = 127.0.0.1
centos系統的配置檔案中預設沒有該行。
檢查的辦法也很簡單,在資料庫啟動的前提下,使用netstat -an | grep 3306檢視埠的連線資訊。0.0.0.0則表示允許任意IP連線。
如圖所示則為允許任意IP連線。
以上就是本文的全部內容,希望對大家的學習有所幫助,也希望大家多多支援我們。