MySQL 8.0.14 新的密码认证方式和客户端链接
MySQL 8.0.14 新的密码认证方式和客户端链接
作者:尹正杰
版权声明:原创作品,谢绝转载!否则将追究法律责任。
MySQL8.0在密码认证方式发生了改变,这也是有点小伙伴在MySQL创建了想用的用户,也进行了授权操作,死活连接不上的MySQL的原因,归根究底还是MySQL官方做了优化操作,可以让客户端更快的连接到MySQL数据库,说白了就是加密方式发生了改变!我们在创建用户时需要手动设置认证方式,因为目前主流的MySQL图形化破解版工具,暂时还不支持MySQL8.0默认的密码策略,修改方式可参考官方网站:https://dev.mysql.com/doc/refman/8.0/en/alter-user.html。
一.MySQL8新的密码认证方式
其实在MySQL8.0版本之前,MySQL使用的加密方式是“mysql_native_passowrd",在MySQL8.0之后,加密的方式改为“caching_sha2_password”,从字面意思理解,后者的加密方式应该更高效,以便提升客户端的连接速度。
1>.使用MySQL5.7版本查看用户的加密插件
2>使用MySQL8.0版本查看用户的加密插件
[root@node105 ~]# mysql -uroot -pyinzhengjie mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 9 Server version: 8.0.14 MySQL Community Server - GPL Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> mysql> SELECT user,host,plugin from mysql.user where user='root'; +------+-----------+-----------------------+ | user | host | plugin | +------+-----------+-----------------------+ | root | localhost | caching_sha2_password | +------+-----------+-----------------------+ 1 row in set (0.00 sec) mysql> mysql> quit Bye [root@node105 ~]# [root@node105 ~]#
二.创建两个测试用户
[root@node105 ~]# mysql -uroot -pyinzhengjie mysql: [Warning] Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 10 Server version: 8.0.14 MySQL Community Server - GPL Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> mysql> mysql> CREATE USER yzj@'%' IDENTIFIED BY 'yinzhengjie'; #这里我们没有指定MySQL的plugin的认证方式,MySQL8.0默认的认证方式是caching_sha2_password. Query OK, 0 rows affected (0.01 sec) mysql> mysql> CREATE USER yinzhengjie@'%' IDENTIFIED WITH mysql_native_password BY 'yinzhengjie'; #我们这里指定了MySQL的plugin的认证方式为mysql_native_password. Query OK, 0 rows affected (0.00 sec) mysql> mysql> SELECT user,host,plugin FROM mysql.user; +------------------+-----------+-----------------------+ | user | host | plugin | +------------------+-----------+-----------------------+ | yinzhengjie | % | mysql_native_password | | yzj | % | caching_sha2_password | | mysql.infoschema | localhost | caching_sha2_password | | mysql.session | localhost | caching_sha2_password | | mysql.sys | localhost | caching_sha2_password | | root | localhost | caching_sha2_password | +------------------+-----------+-----------------------+ rows in set (0.00 sec) mysql> mysql> GRANT ALL on *.* TO yzj@'%'; Query OK, 0 rows affected (0.00 sec) mysql> mysql> GRANT ALL on *.* TO yinzhengjie@'%'; Query OK, 0 rows affected (0.01 sec) mysql> mysql> SHOW GRANTS FOR yzj@'%'; +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Grants for yzj@% | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `yzj`@`%` | | GRANT APPLICATION_PASSWORD_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SYSTEM_VARIABLES_ADMIN,XA_RECOVER_ADMIN ON *.* TO `yzj`@`%` | +----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec) mysql> mysql> mysql> mysql> mysql> SHOW GRANTS FOR yinzhengjie@'%'; +------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Grants for yinzhengjie@% | +------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER, CREATE TABLESPACE, CREATE ROLE, DROP ROLE ON *.* TO `yinzhengjie`@`%` | | GRANT APPLICATION_PASSWORD_ADMIN,BACKUP_ADMIN,BINLOG_ADMIN,BINLOG_ENCRYPTION_ADMIN,CONNECTION_ADMIN,ENCRYPTION_KEY_ADMIN,GROUP_REPLICATION_ADMIN,PERSIST_RO_VARIABLES_ADMIN,REPLICATION_SLAVE_ADMIN,RESOURCE_GROUP_ADMIN,RESOURCE_GROUP_USER,ROLE_ADMIN,SERVICE_CONNECTION_ADMIN,SESSION_VARIABLES_ADMIN,SET_USER_ID,SYSTEM_VARIABLES_ADMIN,XA_RECOVER_ADMIN ON *.* TO `yinzhengjie`@`%` | +------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec) mysql> mysql>
三.客户端连接(Navicat for MySQL)
1>.使用没有指定plugin的用户来连接数据库(yzj)
2>.使用指定plugin的用户来连接数据库(yinzhengjie)
四.总结
目前市场上主流的客户端连接工具支持的密码认证为“mysql_native_password”,暂时不支持“caching_sha2_password”认证方式。
本文来自博客园,作者:尹正杰,转载请注明原文链接:https://www.cnblogs.com/yinzhengjie/p/10301516.html,个人微信: "JasonYin2020"(添加时请备注来源及意图备注,有偿付费)
当你的才华还撑不起你的野心的时候,你就应该静下心来学习。当你的能力还驾驭不了你的目标的时候,你就应该沉下心来历练。问问自己,想要怎样的人生。