Unable to secure MySQL on fresh LEMP droplet

October 20, 2018 526 views
MySQL Ubuntu 18.04

When ssh into the droplet as root, I am able to just type mysql and launch MySQL anonymously.

I then exited, and ran mysql_secure_installation, and followed all the prompts to remove the anonymous user, and set a root password.

I then stopped mysql using /etc/init.d/mysql stop and started it back up again /etc/init.d/mysql start

I then typed mysql again, and was still able to have full access to mysql anonymously as the root OS user. I expected to be denied access.

Keeping mysql running, I ran mysql_secure_installation again, and was NOT prompted to enter my current password.

Stopping mysql and then running mysql_secure_installation, I WAS prompted to enter my current password, but because the service had been stopped, it was not able to do anything.

What am I doing wrong?

1 Answer

Running the mysql command alone as root sources the file /root/.my.cnf, which might contain the actual login/password. So check inside that file for possible credentials.

Have another answer? Share your knowledge.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!