多个 root 用户记录,而且有些记录的密码是空的,导致认证混乱。
多个 root 用户记录,而且有些记录的密码是空的,导致认证混乱。
留言:之前再讲mysql时候,经常有人可以远程登录的时候,结果发现没办法本地登录了,具体体现方式是这样的(看问题体现):现在我可以明确的告诉你们,是你们的root认证太多了,系统无法识别你要的是哪一个root,干脆只给你一个匿名用户,会出现什么现象呢,就是你直接mysql -uroot登进去了(你会惊奇的发现你没输入密码就稀里糊涂的进来了),但你没有任何增删改的权限,不过你可以看看,非常的有意思
问题体现
[root@bogon ~]# mysql -uroot -p123456 -hlocalhost
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
[root@bogon ~]# mysql -uroot -p123456 -h127.0.0.1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
[root@bogon ~]# mysql -uroot -p123456 --protocol=socket
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
登进去看下啊
[root@bogon ~]# systemctl stop mysqld
[root@bogon ~]# mysqld_safe --skip-grant-tables --skip-networking &
[1] 1617
[root@bogon ~]# Logging to '/application/mysql/data/bogon.err'.
250917 20:29:22 mysqld_safe Starting mysqld daemon with databases from /application/mysql/data
[root@bogon ~]# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.40 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> USE mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> SELECT host, user, password FROM user;
+-----------+------+-------------------------------------------+
| host | user | password |
+-----------+------+-------------------------------------------+
| % | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| bogon | root | |
| 127.0.0.1 | root | |
| ::1 | root | |
| localhost | | |
| bogon | | |
+-----------+------+-------------------------------------------+
6 rows in set (0.00 sec)
mysql>
清理用户表并统一密码
DELETE FROM user WHERE user = 'root' AND (password = '' OR host != '%');
DELETE FROM user WHERE user = '';
FLUSH PRIVILEGES;
解决过程
[root@bogon ~]# mysql -uroot -p123456 -hlocalhost
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
[root@bogon ~]# mysql -uroot -p123456 -h127.0.0.1
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
[root@bogon ~]# mysql -uroot -p123456 --protocol=socket
Warning: Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES)
[root@bogon ~]# systemctl stop mysqld
[root@bogon ~]# mysqld_safe --skip-grant-tables --skip-networking &
[1] 1617
[root@bogon ~]# Logging to '/application/mysql/data/bogon.err'.
250917 20:29:22 mysqld_safe Starting mysqld daemon with databases from /application/mysql/data
[root@bogon ~]# mysql -u root
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.40 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> USE mysql;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> SELECT host, user, password FROM user;
+-----------+------+-------------------------------------------+
| host | user | password |
+-----------+------+-------------------------------------------+
| % | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| bogon | root | |
| 127.0.0.1 | root | |
| ::1 | root | |
| localhost | | |
| bogon | | |
+-----------+------+-------------------------------------------+
6 rows in set (0.00 sec)
mysql> DELETE FROM user WHERE user = 'root' AND (password = '' OR host != '%');
Query OK, 3 rows affected (0.01 sec)
mysql> SELECT USER(), CURRENT_USER();
+--------+----------------+
| USER() | CURRENT_USER() |
+--------+----------------+
| root@ | @ |
+--------+----------------+
1 row in set (0.00 sec)
mysql> SELECT host, user, password FROM user;
+-----------+------+-------------------------------------------+
| host | user | password |
+-----------+------+-------------------------------------------+
| % | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
| localhost | | |
| bogon | | |
+-----------+------+-------------------------------------------+
3 rows in set (0.00 sec)
mysql> DELETE FROM user WHERE user = '';
Query OK, 2 rows affected (0.01 sec)
mysql> SELECT USER(), CURRENT_USER();
+--------+----------------+
| USER() | CURRENT_USER() |
+--------+----------------+
| root@ | @ |
+--------+----------------+
1 row in set (0.00 sec)
mysql> SELECT host, user, password FROM user;
+------+------+-------------------------------------------+
| host | user | password |
+------+------+-------------------------------------------+
| % | root | *6BB4837EB74329105EE4568DDA7DC67ED2CA2AD9 |
+------+------+-------------------------------------------+
1 row in set (0.00 sec)
mysql> exit;
Bye
[root@bogon ~]# pkill mysqld
[root@bogon ~]# 250917 20:35:45 mysqld_safe mysqld from pid file /application/mysql/data/bogon.pid ended
[1]+ Done mysqld_safe --skip-grant-tables --skip-networking
[root@bogon ~]# systemctl start mysqld
[root@bogon ~]# systemctl status mysqld
● mysqld.service - MySQL Server
Loaded: loaded (/usr/lib/systemd/system/mysqld.service; enabled; preset: disabled)
Active: active (running) since Wed 2025-09-17 20:35:59 CST; 7s ago
Docs: man:mysqld(8)
https://dev.mysql.com/doc/refman/en/using-systemd.html
Main PID: 1801 (mysqld)
Tasks: 21 (limit: 10892)
Memory: 436.8M
CPU: 595ms
CGroup: /system.slice/mysqld.service
└─1801 /application/mysql/bin/mysqld --defaults-file=/etc/my.cnf
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] InnoDB: 128 rollback segment(s) are active.
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] InnoDB: Waiting for purge to start
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] InnoDB: 5.6.40 started; log sequence number 1626107
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] Server hostname (bind-address): '*'; port: 3306
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] IPv6 is available.
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] - '::' resolves to '::';
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] Server socket created on IP: '::'.
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] Event Scheduler: Loaded 0 events
Sep 17 20:36:00 bogon mysqld[1801]: 2025-09-17 20:36:00 1801 [Note] /application/mysql/bin/mysqld: ready for connections.
Sep 17 20:36:00 bogon mysqld[1801]: Version: '5.6.40' socket: '/tmp/mysql.sock' port: 3306 MySQL Community Server (GPL)
[root@bogon ~]# mysql -uroot -p123456
Warning: Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 1
Server version: 5.6.40 MySQL Community Server (GPL)
Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| test |
+--------------------+
4 rows in set (0.00 sec)
mysql> create database abc_test;
Query OK, 1 row affected (0.00 sec)
mysql> show database;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'database' at line 1
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| abc_test |
| mysql |
| performance_schema |
| test |
+--------------------+
5 rows in set (0.00 sec)
mysql> history | tail -n 20
-> ;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'history | tail -n 20' at line 1
mysql> exit
Bye
[root@bogon ~]# history | tail -n 20
60 service mysql restart
61 systemctl restart mysqld
62 vi /etc/my.cnf
63 find / -name "mysqld.cnf"
64 systemctl status mysqld
65 mysql -uroot
66 mysql -uroot -p123456
67 mysql -v
68 mysql -uroot
69 mysql -uroot -p123456 -hlocalhost
70 mysql -uroot -p123456 -h127.0.0.1
71 mysql -uroot -p123456 --protocol=socket
72 systemctl stop mysqld
73 mysqld_safe --skip-grant-tables --skip-networking &
74 mysql -u root
75 pkill mysqld
76 systemctl start mysqld
77 systemctl status mysqld
78 mysql -uroot -p123456
79 history | tail -n 20
[root@bogon ~]#
验证是否会影响到正常的远程登录
浙公网安备 33010602011771号