// Tutorial //

How To Install MariaDB on Debian 10

Published on July 15, 2019 · Updated on March 15, 2022
How To Install MariaDB on Debian 10
Not using Debian 10?Choose a different version or distribution.
Debian 10


MariaDB is an open-source database management system (DBMS), commonly used as an alternative for the MySQL portion of the popular LAMP (Linux, Apache, MySQL, PHP/Python/Perl) stack. It’s intended to be a drop-in replacement for MySQL and Debian now only ships with MariaDB packages. If you attempt to install MySQL server-related packages, you’ll receive the compatible MariaDB replacement versions instead.

The short version of this installation guide consists of the following three steps:

  • Update your package index using apt
  • Install the mariadb-server package using apt. The package also pulls in related tools to interact with MariaDB
  • Run the included mysql_secure_installation security script to restrict access to the server
  1. sudo apt update
  2. sudo apt install mariadb-server
  3. sudo mysql_secure_installation

This tutorial will explain how to install MariaDB version 10.3 on a Debian 10 server, and verify that it is running and has a safe initial configuration.


To complete this tutorial, you will need one Debian 10 server set up with a non-root user with sudo privileges and a firewall. You can set this up by following our initial server setup guide.

Step 1 — Installing MariaDB

On Debian 10, MariaDB version 10.3 is included in the APT package repositories by default. It is marked as the default MySQL variant by the Debian MySQL/MariaDB packaging team.

To install it, update the package index on your server with apt:

  1. sudo apt update

Then install the package:

  1. sudo apt install mariadb-server

These commands will install MariaDB, but will not prompt you to set a password or make any other configuration changes. Because the default configuration leaves your installation of MariaDB insecure, you’ll use a script that the mariadb-server package provides to restrict access to the server and remove unused accounts.

Step 2 — Configuring MariaDB

For new MariaDB installations, the next step is to run the included security script. This script changes some of the less secure default options. We will use it to block remote root logins and to remove unused database users.

Run the following security script:

  1. sudo mysql_secure_installation

This will take you through a series of prompts where you can make some changes to your MariaDB installation’s security options. The first prompt will ask you to enter the current database root password. Since you haven’t set one up yet, press ENTER to indicate “none”.

The next prompt asks you whether you’d like to set up a database root password. Type N and then press ENTER. In Debian, the root account for MariaDB is tied closely to automated system maintenance, so you should not change the configured authentication methods for that account. Doing so would make it possible for a package update to break the database system by removing access to the administrative account. Later, we will cover how to optionally set up an additional administrative account for password access if socket authentication is not appropriate for your use case.

From there, you can press Y and then ENTER to accept the defaults for all the subsequent questions. This will remove some anonymous users and the test database, disable remote root logins, and load these new rules so that MariaDB immediately respects the changes you have made.

Step 3 — (Optional) Adjusting User Authentication and Privileges

In Debian systems running MariaDB 10.3, the root MariaDB user is set to authenticate using the unix_socket plugin by default rather than with a password. This allows for some greater security and usability in many cases, but it can also complicate things when you need to allow an external program (e.g., phpMyAdmin) administrative rights.

Because the server uses the root account for tasks like log rotation and starting and stopping the server, it is best not to change the root account’s authentication details. Changing credentials in the /etc/mysql/debian.cnf configuration file may work initially, but package updates could potentially overwrite those changes. Instead of modifying the root account, the package maintainers recommend creating a separate administrative account for password-based access.

To demonstrate this process, we will create a new account called admin with the same capabilities as the root account, but configured for password authentication. To do this, open up the MariaDB prompt from your terminal:

  1. sudo mysql

Now, create a new user with root privileges and password-based access. Change the username and password to match your preferences:

  1. GRANT ALL ON *.* TO 'admin'@'localhost' IDENTIFIED BY 'password' WITH GRANT OPTION;

Flush the privileges to ensure that they are saved and available in the current session:


Following this, exit the MariaDB shell:

  1. exit

Next, let’s test the MariaDB installation.

Step 4 — Testing MariaDB

When installed from the default repositories, MariaDB should start running automatically. To test this, check its status:

  1. sudo systemctl status mariadb

You’ll receive output that is similar to the following:

● mariadb.service - MariaDB 10.3.31 database server Loaded: loaded (/lib/systemd/system/mariadb.service; enabled; vendor preset: Active: active (running) since Mon 2022-03-14 18:33:32 UTC; 2min 2s ago Docs: man:mysqld(8) https://mariadb.com/kb/en/library/systemd/ Main PID: 3229 (mysqld) Status: "Taking your SQL requests now..." Tasks: 31 (limit: 4915) Memory: 74.4M CGroup: /system.slice/mariadb.service └─3229 /usr/sbin/mysqld Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: performance_schema Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: Phase 6/7: Checking and u Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: Running 'mysqlcheck' with Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: # Connecting to localhost Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: # Disconnecting from loca Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: Processing databases Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: information_schema Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: performance_schema Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: Phase 7/7: Running 'FLUSH Mar 14 18:33:32 mariadb /etc/mysql/debian-start[3267]: OK

If MariaDB isn’t running, you can start it with the command sudo systemctl start mariadb.

For an additional check, you can try connecting to the database using the mysqladmin tool, which is a client that lets you run administrative commands. For example, this command says to connect to MariaDB as root and return the version using the Unix socket:

  1. sudo mysqladmin version

Your output should be similar to the following:

mysqladmin Ver 9.1 Distrib 10.3.31-MariaDB, for debian-linux-gnu on x86_64 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Server version 10.3.31-MariaDB-0+deb10u1 Protocol version 10 Connection Localhost via UNIX socket UNIX socket /var/run/mysqld/mysqld.sock Uptime: 3 min 6 sec Threads: 6 Questions: 473 Slow queries: 0 Opens: 175 Flush tables: 1 Open tables: 31 Queries per second avg: 2.543

If you configured a separate administrative user with password authentication, you can perform the same operation by running the following command:

  1. mysqladmin -u admin -p version
Ver 9.1 Distrib 10.3.31-MariaDB, for debian-linux-gnu on x86_64 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Server version 10.3.31-MariaDB-0+deb10u1 Protocol version 10 Connection Localhost via UNIX socket UNIX socket /var/run/mysqld/mysqld.sock Uptime: 7 min 11 sec Threads: 6 Questions: 474 Slow queries: 0 Opens: 175 Flush tables: 1 Open tables: 31 Queries per second avg: 1.099

This output means that MariaDB is up and running and that your user is able to authenticate successfully.


In this guide, you installed MariaDB to act as a SQL server. During the installation process, you also secured the server. Optionally, you also created a separate user to ensure administrative access to MariaDB across package updates.

Now that you have a running and secure MariaDB server, here are some examples of the next steps that you can take to work with the server:

You can also incorporate MariaDB into a larger application stack:

Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.

Learn more about us

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in our Questions & Answers section, find tutorials and tools that will help you grow as a developer and scale your project or business, and subscribe to topics of interest.

Sign up now
About the authors

Still looking for an answer?

Ask a questionSearch for more help

Was this helpful?
Leave a comment...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

So i followed this guide for my setup and i noticed something.

Phpmyadmin reports the root account doesnt have a password. https://imgur.com/a/rpQaJ0P

Is this normal?

I get stuck when it asks for the password. Hitting ENTER doesn’t work. Neither does the very long password from /root/.digitalocean_password.

This is on a new LAMP droplet but I uninstalled MySQL before attempting to install MariaDB.

This comment has been deleted

This comment has been deleted

Try DigitalOcean for free

Click here to sign up and get $200 of credit to try our products over 60 days!
Try DigitalOcean for free