MySQL 8.0.14 新的密碼認證方式和客戶端連接

時間 2019-11-10

標籤 mysql 8.0.14 新的密碼認證方式客戶端連接欄目 MySQL 简体版

原文原文鏈接

　　　　　　　　　　　　MySQL 8.0.14 新的密碼認證方式和客戶端連接html

　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　　做者：尹正傑node

　　MySQL8.0在密碼認證方式發生了改變，這也是有點小夥伴在MySQL建立了想用的用戶，也進行了受權操做，死活鏈接不上的MySQL的緣由，歸根究底仍是MySQL官方作了優化操做，可讓客戶端更快的鏈接到MySQL數據庫，說白了就是加密方式發生了改變！咱們在建立用戶時須要手動設置認證方式，由於目前主流的MySQL圖形化破解版工具，暫時還不支持MySQL8.0默認的密碼策略，修改方式可參考官方網站：https://dev.mysql.com/doc/refman/8.0/en/alter-user.html。sql

一.MySQL8新的密碼認證方式數據庫

　　其實在MySQL8.0版本以前，MySQL使用的加密方式是「mysql_native_passowrd"，在MySQL8.0以後，加密的方式改成「caching_sha2_password」，從字面意思理解，後者的加密方式應該更高效，以便提高客戶端的鏈接速度。session

1>.使用MySQL5.7版本查看用戶的加密插件工具

2>使用MySQL8.0版本查看用戶的加密插件測試

[root@node105 ~]# mysql -uroot -pyinzhengjie
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.14 MySQL Community Server - GPL

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 
mysql> SELECT user,host,plugin from mysql.user where user='root';
+------+-----------+-----------------------+
| user | host      | plugin                |
+------+-----------+-----------------------+
| root | localhost | caching_sha2_password |
+------+-----------+-----------------------+
1 row in set (0.00 sec)

mysql> 
mysql> quit
Bye
[root@node105 ~]# 
[root@node105 ~]#

二.建立兩個測試用戶優化

[root@node105 ~]# mysql -uroot -pyinzhengjie
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10
Server version: 8.0.14 MySQL Community Server - GPL

Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> 
mysql> 
mysql> CREATE USER yzj@'%' IDENTIFIED BY 'yinzhengjie';　　　　　　　　　　　　　　　　　　　　　　　　　　　　#這裏咱們沒有指定MySQL的plugin的認證方式，MySQL8.0默認的認證方式是caching_sha2_password.
Query OK, 0 rows affected (0.01 sec)

mysql> 
mysql>  CREATE USER yinzhengjie@'%' IDENTIFIED WITH mysql_native_password BY 'yinzhengjie';　　　　　　#咱們這裏指定了MySQL的plugin的認證方式爲mysql_native_password.
Query OK, 0 rows affected (0.00 sec)

mysql> 
mysql> SELECT user,host,plugin FROM mysql.user;
+------------------+-----------+-----------------------+
| user             | host      | plugin                |
+------------------+-----------+-----------------------+
| yinzhengjie      | %         | mysql_native_password |
| yzj              | %         | caching_sha2_password |
| mysql.infoschema | localhost | caching_sha2_password |
| mysql.session    | localhost | caching_sha2_password |
| mysql.sys        | localhost | caching_sha2_password |
| root             | localhost | caching_sha2_password |
+------------------+-----------+-----------------------+
rows in set (0.00 sec)

mysql>
mysql> GRANT ALL on *.* TO yzj@'%';
Query OK, 0 rows affected (0.00 sec)

mysql> 
mysql> GRANT ALL on *.* TO yinzhengjie@'%';
Query OK, 0 rows affected (0.01 sec)

mysql> 
mysql> SHOW GRANTS FOR yzj@'%';
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for yzj@%                                                                                                                                                                                                                                                                                                                                                                 |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `yzj`@`%`    |
| GRANT APPLICATION_PASSWORD_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SYSTEM_VARIABLES_ADMIN,XA_RECOVER_ADMIN ON *.* TO `yzj`@`%` |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

mysql> 
mysql> 
mysql> 
mysql> 
mysql> SHOW GRANTS FOR  yinzhengjie@'%';
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Grants for yinzhengjie@%                                                                                                                                                                                                                                                                                                                                                                 |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `yinzhengjie`@`%`    |
| GRANT APPLICATION_PASSWORD_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SYSTEM_VARIABLES_ADMIN,XA_RECOVER_ADMIN ON *.* TO `yinzhengjie`@`%` |
+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

mysql> 
mysql>