Ubuntu18.4安装Mysql及配置安全策略

1、某云的Ubuntu18.4服务器，默认并未有安装mysql，测试命令如下：dpkg -l | grep mysqldpkg可以软件的安装，查看，更新和移除

2、安装mysql服务器，安装过程提示输入Y继续安装，命令如下：sudo apt-get install mysql-server

3、安装完成后，测试命令如下：netstat -tap | grep mysql出现listen，数据库正常mysql -u root -p默认是没有密码的

4、进行数据库初始化使用命令，安装插件，提示是否安装密码验证插件，这里选择n，不安装mysql_secure_installationSecuring the MySQL server deployment.Connecting to MySQL using a blank password.VALIDATE PASSWORD PLUGIN can be used to test passwordsand improve security. It checks the strength of passwordand allows the users to set only those passwords which aresecure enough. Would you like to setup VALIDATE PASSWORD plugin?Press y|Y for Yes, any other key for No: n

5、接下来要设置mysql数据库root的密码New password: Re-enter new password:

6、删除匿名用户,这里选择yBy default, a MySQL installation has an anonymous user,allowing anyone to log into MySQL without having to havea user account created for them. This is intended only fortesting, and to make the installation go a bit smoother.You should remove them before moving into a productionenvironment.Remove anonymous users? (Press y|Y for Yes, any other key for No) : y

7、禁止root用户远程登录，这里选择n，允许root远程登录Normally, root should only be allowed to connect from'localhost'. This ensures that someone cannot guess atthe root password from the network.Disallow root login remotely? (Press y|Y for Yes, any other key for No) : n

8、删除测试数据库，这里选择yBy default, MySQL comes with a database named 'test' thatanyone can access. This is also intended only for testing,and should be removed before moving into a productionenvironmentRemove test database and access to it? (Press y|Y for Yes, any other key for No) : y

9、重置授权，立刻生效，这里选yReload privilege tables now? (Press y|Y for Yes, any other key for No) : ySuccess.

10、使mysql支持远程登录，还需要打开mysql配置文件，注释掉bind-address,保存退出

11、再使用root登陆数据库，授予远程登录权限mysql -uroot -pgrant all on *.* to root@'%' identified by '你的密码' with grant option;flush privileges; 退出之后重启数据库systemctl restart mysql

12、这样在远程使用管理工具连接就可以成功连接上了