[TriLUG] shooting one's self in the foot with MySQL

Thomas G. Mayfield hulett819 at mailcan.com
Thu Oct 14 10:28:51 EDT 2004


Dan Monjar wrote:
> OK, so I've had mysql running for quite a while on one of my boxes.  I'm 
> using it for Snort with ACID and just recently been playing with 
> FreeRadius and mysql.
> 
> I got phpMyAdmin working and it kept complaining about mysql not having 
> passwords and how I needed to close this gaping security hole. So I 
> proceeded to close said hole.... See where I'm going?  I can't get mysql 
> to let me access it now.
> 
> ---------------
> [root at idsdb bin]# mysql --user=root mysql
> ERROR 1044: Access denied for user: '@localhost' to database 'mysql'
> ---------------
> 
> Its not even asking for the password, which I do know.  Before I blow 
> away the grant tables and recreate them I'm trying to understand what I 
> did wrong and how to fix it.  for instance, why does the error show the 
> user as '@localhost'?
> 

You can use 'mysql --user=root --password=<FOO>', or if you've totally 
eaten the password field (accomplished that myself about 2 weeks ago), 
you can open up mysql in "safe" mode and go fix your problems from there.


MySQL manual handy references for when passwords have become b0rked:
A.4.1 How to Reset the Root Password
http://dev.mysql.com/doc/mysql/en/Resetting_permissions.html

5.5.8 Causes of 'Access Denied' Errors
http://dev.mysql.com/doc/mysql/en/Access_denied.html


Guides to what you were trying to do:
2.4.3 Securing the Initial MySQL Accounts
http://dev.mysql.com/doc/mysql/en/Default_privileges.html

5.4.1 General Security Guidelines
http://dev.mysql.com/doc/mysql/en/Security_guidelines.html

5.4.2 Making MySQL Secure Against Attackers
http://dev.mysql.com/doc/mysql/en/Security_against_attack.html


--Thomas



More information about the TriLUG mailing list