[리눅스] MySQL 5.7 보안설정
간단한 명령어 하나로 보안 설정 및 MySQL root 암호를 변경하는 것을 진행하겠습니다.
MySQL 5.7 버전의 경우 /var/log/mysqld.log 파일 내에 임시 비밀번호가 저장됩니다.
다음의 명령어로 간단하게 찾으실 수 있습니다.
cat /var/log/mysqld.log | grep "temporary password"
[root@dothome-world ~]# cat /var/log/mysqld.log | grep "temporary password"
019-07-05T08:40:24.840936Z 1 [Note] A temporary password is generated for root@localhost: pyeF6fK7Du!/
위에서 나온 비밀번호(pyeF6fK7Du!/)를 복사하시거나 메모하신 후 다음 명령어로 보안 설정을 진행하겠습니다.
다음의 주석들을 확인해 보시면서 진행하시면 됩니다.
mysql_secure_installation
[root@dothome-world ~]# mysql_secure_installation
Securing the MySQL server deployment.
Enter password for user root: # 임시 비밀번호 입력(pyeF6fK7Du!/)
The existing password for the user account root has expired. Please set a new password.
New password: # 사용 원하시는 MySQL root 암호 입력
Re-enter new password: # 재 입력
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : No # 이미 변경해서 스킵
... skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : y # anonymous 계정 삭제
Success.
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y # MySQL 원격 접속 비허용
Success.
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y # TEST DB 삭제
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y # grant 권한 재설정
Success.
All done!