[TriLUG] shooting one's self in the foot with MySQL
Thomas G. Mayfield
hulett819 at mailcan.com
Thu Oct 14 10:28:51 EDT 2004
Dan Monjar wrote:
> OK, so I've had mysql running for quite a while on one of my boxes. I'm
> using it for Snort with ACID and just recently been playing with
> FreeRadius and mysql.
>
> I got phpMyAdmin working and it kept complaining about mysql not having
> passwords and how I needed to close this gaping security hole. So I
> proceeded to close said hole.... See where I'm going? I can't get mysql
> to let me access it now.
>
> ---------------
> [root at idsdb bin]# mysql --user=root mysql
> ERROR 1044: Access denied for user: '@localhost' to database 'mysql'
> ---------------
>
> Its not even asking for the password, which I do know. Before I blow
> away the grant tables and recreate them I'm trying to understand what I
> did wrong and how to fix it. for instance, why does the error show the
> user as '@localhost'?
>
You can use 'mysql --user=root --password=<FOO>', or if you've totally
eaten the password field (accomplished that myself about 2 weeks ago),
you can open up mysql in "safe" mode and go fix your problems from there.
MySQL manual handy references for when passwords have become b0rked:
A.4.1 How to Reset the Root Password
http://dev.mysql.com/doc/mysql/en/Resetting_permissions.html
5.5.8 Causes of 'Access Denied' Errors
http://dev.mysql.com/doc/mysql/en/Access_denied.html
Guides to what you were trying to do:
2.4.3 Securing the Initial MySQL Accounts
http://dev.mysql.com/doc/mysql/en/Default_privileges.html
5.4.1 General Security Guidelines
http://dev.mysql.com/doc/mysql/en/Security_guidelines.html
5.4.2 Making MySQL Secure Against Attackers
http://dev.mysql.com/doc/mysql/en/Security_against_attack.html
--Thomas
More information about the TriLUG
mailing list