zoukankan      html  css  js  c++  java
  • mysql授权远程用户连接(权限最小化原则)

    1、进入MySQL,创建一个新用户root,密码为root:

    格式:grant 权限 on 数据库名.表名 to 用户@登录主机 identified by “用户密码”; 
    grant select,update,insert,delete on . to root@192.168.1.12 identified by “root”;

    原先数据表结构

    mysql> use mysql;
    Database changed
    mysql> select host,user,password from user;
    +-----------+------+-------------------------------------------+
    | host      | user | password                                  |
    +-----------+------+-------------------------------------------+
    | localhost | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    +-----------+------+-------------------------------------------+

    执行上述语句后结果

    mysql> use mysql;
    Database changed
    mysql> select host,user,password from user;
    +--------------+------+-------------------------------------------+
    | host         | user | password                                  |
    +--------------+------+-------------------------------------------+
    | localhost    | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | 192.168.1.12 | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    +--------------+------+-------------------------------------------+
    2 rows in set (0.00 sec)

    可以看到在user表中已有刚才创建的root用户。host字段表示登录的主机,其值可以用IP,也可用主机名, 
    有时想用本地IP登录,那么可以将以上的Host值改为自己的Ip即可。

    2、实现远程连接(授权法)

    将host字段的值改为%就表示在任何客户端机器上能以root用户登录到mysql服务器,建议在开发时设为%。 
    update user set host = ’%’ where user = ’root’;

    将权限改为ALL PRIVILEGES

    mysql> use mysql;
    Database changed
    mysql> grant all privileges  on *.* to root@'%' identified by "root";
    Query OK, 0 rows affected (0.00 sec) 
    
    mysql> select host,user,password from user;
    +--------------+------+-------------------------------------------+
    | host         | user | password                                  |
    +--------------+------+-------------------------------------------+
    | localhost    | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | 192.168.1.12 | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    | %            | root | *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B |
    +--------------+------+-------------------------------------------+
    3 rows in set (0.00 sec)

    这样机器就可以以用户名root密码root远程访问该机器上的MySql.

    3、实现远程连接(改表法)

    use mysql;

    update user set host = ‘%’ where user = ‘root’;

    这样在远端就可以通过root用户访问Mysql.

     mysql假如授权 grant all privileges on *.* to 'huowuzhao'@'192.168.%' identified by 'password';
    再授权grant all privileges on *.* to 'huowuzhao'@'192.168.222.%' identified by 'password';之后,之前授权的用户将失效,是因为mysql有权限最小化原则。
  • 相关阅读:
    线程池ThreadPoolExcecutor介绍
    java类初始化顺序
    CountDownLatch,CyclicBarrier,Semaphore的使用
    设计模式UML图
    windows10磁盘分区后,如何恢复分区,回到未分区之前
    神州战神U盘安装windows10系统,启动项制作好后,在bios中识别不到自己的u盘问题
    项目报错:Invalid bound statement (not found):
    在docker安装tomcat的时候,报错:Caused by: java.lang.IllegalArgumentException: The AJP Connector is configured with secretRequired="true
    PowerDesigner逆向生成MYSQL数据库表结构总结
    mysql导出word的表结构操作
  • 原文地址:https://www.cnblogs.com/pythonal/p/6288943.html
Copyright © 2011-2022 走看看