0

After successful mysql_secure_installation

Output:

mysql_secure_installation
Enter current password for root (enter for none): 
Switch to unix_socket authentication [Y/n] n
Change the root password? [Y/n] y
New password:
MyBullPassword
Re-enter new password: 
MyBullPassword
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y

When I run:

mysql -u root -p

I AM able to connect to mysql without password or even with wrong password and instead of "access denied" message I'm connected to the MySQL server.

So I guess MySQL is not secured

Why? What am I doing wrong? Is is possible because I'm connected to the server as root? mysql gives me acssess even with wrong password?

OS: Centos 8 MySQL: MariaDB 10.5.8

GTsvetanov
  • 1,250
  • 6
  • 16
MANY Q
  • 1
  • 3

1 Answers1

0

You have to check for few things in your installation:

  • Socket connections - are they enabled or disabled
  • User specific configuration in my.cnf

There is a lot of information how to perform these checks and how to fix your issue here - How to disable MySQL root logins when no password is supplied?

GTsvetanov
  • 1,250
  • 6
  • 16
  • When I run this SELECT host, user, password, plugin FROM mysql.user; – MANY Q Jan 02 '21 at 17:26
  • | Host | User | Password | plugin | +-----------+-------------+-------------------------------------------+-----------------------+ | localhost | mariadb.sys | | mysql_native_password | | localhost | root | *CB48266FCF86AC2CA4EDA9DAC8D9F41D946F9A0E | mysql_native_password | | localhost | mysql | invalid | mysql_native_password | +-----------+-------------+-------------------------------------------+-----------------------+ – MANY Q Jan 02 '21 at 17:27
  • plugin :mysql_native_password – MANY Q Jan 02 '21 at 17:29
  • Socket connections - how can I find if they are enabled or disabled? – MANY Q Jan 02 '21 at 17:31
  • /etc/my.cnf # # This group is read both by the client and the server # use it for options that affect everything # [client-server] # # include *.cnf from the config directory # !includedir /etc/my.cnf.d – MANY Q Jan 02 '21 at 17:37
  • with wrong password i get: SELECT USER(),CURRENT_USER(); root@localhost root@localhost – MANY Q Jan 02 '21 at 17:46
  • Do you even read what I share? Please take a look at it again. – GTsvetanov Jan 02 '21 at 23:54