By Mark Drake, Kong Yang and Vinayak Baranwal
MySQL is an open-source database management system, commonly installed as part of the popular LAMP (Linux, Apache, MySQL, PHP/Python/Perl) stack. It implements the relational model and uses Structured Query Language (better known as SQL) to manage its data.
This MySQL on Ubuntu installation guide ensures you follow secure, production-ready steps from start to finish.
Install MySQL Quickly: Update your package index and run `sudo apt install mysql-server` to install MySQL from Ubuntu’s official repositories. This will automatically set up and start the MySQL service. Check that MySQL is running with `sudo systemctl status mysql`. These simple commands get you a working database server on Ubuntu in just a few minutes.
Secure and Configure Root: Use `sudo mysql` to access the MySQL shell, then `ALTER USER` to set a strong password for the root account. Run `sudo mysql_secure_installation` to remove insecure defaults, disable remote root access, and enforce password policies. These steps are essential for protecting your database from unauthorized users and security threats.
Create a Dedicated User: After installation, create a new MySQL user for your applications using `CREATE USER` and `GRANT` commands. Avoid using the root account for daily tasks. A dedicated user with only the permissions needed for your app reduces the risk of accidental changes and improves overall database security.
Manage MySQL Service: Use `sudo systemctl start mysql` to start, `sudo systemctl stop mysql` to stop, and `sudo systemctl restart mysql` to restart the MySQL service as needed. To ensure MySQL always starts after a reboot, enable it with `sudo systemctl enable mysql`. Regularly check service status and logs to keep your database reliable and available.
Configure UFW Firewall: By default, MySQL listens only on localhost, blocking remote connections. If you need remote access, restrict it to trusted IPs with `sudo ufw allow from <YOUR_IP> to any port 3306`. Always avoid opening port 3306 to the whole internet; this keeps your database safe from unauthorized access and brute-force attacks.
Enable on Boot Made Simple: Wondering how to enable MySQL to start on boot in Ubuntu? Use `sudo systemctl enable mysql` to ensure the database service automatically comes online after every reboot, keeping your apps running without manual intervention.
This tutorial will go over how to install MySQL version 8.0 on an Ubuntu server (tested on 22.04 and later). By completing it, you will have a working relational database that you can use to build your next website or application.
To follow this tutorial, you will need:
- `sudo apt update && sudo apt upgrade -y` beforehand.
- `sudo ss -lntp | grep 3306 || true`).
- `systemd-timesyncd`) and have editors/log tools available (e.g., `nano`, `less`, `journalctl`).

Note: This tutorial is tested and compatible with Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 25.04. All commands and configurations work across these versions with minimal differences noted where applicable.
With the prerequisites in place, begin by installing MySQL from Ubuntu’s APT repositories. This approach is fast, stable, and supported on Ubuntu (22.04 and later), so you can get a working server without extra repos or manual builds. In the next few commands you’ll install the server package, ensure the service is running locally, and prepare the system for secure configuration in the following step.
This section guides you through installing MySQL on Ubuntu (22.04 and later) using APT so you have a running database server ready for configuration. You’ll learn how to install MySQL Server on Ubuntu and ensure the service is active, laying the foundation for a secure and functional deployment.
On modern Ubuntu versions (22.04 and later), you can install MySQL using the APT package repository. At the time of this writing, the version of MySQL available in the default Ubuntu repository is from the MySQL 8.x series (on Ubuntu 22.04 and 24.04). Exact version may vary depending on your Ubuntu release. This process covers installing MySQL on Ubuntu and will help you install the MySQL server efficiently and securely.
To install it, update the package index on your server if you’ve not done so recently:
- sudo apt update
Then install the `mysql-server` package:
- sudo apt install mysql-server
Ensure that the server is running using the `systemctl start` command:
- sudo systemctl start mysql.service
These commands will install and start MySQL, but will not prompt you to set a password or make any other configuration changes. Because this leaves your installation of MySQL insecure, we will address this next.
For reference, you can review the official MySQL installation documentation to understand the available installation methods and version notes.
Here you will configure security settings and configure the MySQL root password on Ubuntu to protect your database from unauthorized access. This step is crucial for hardening your MySQL installation and ensuring only trusted users can access your data.
For fresh installations of MySQL, you’ll want to run the database management system’s included security script. This script changes some of the less secure default options for things like disallowing remote root logins and removing sample users. Importantly, you’ll also configure the MySQL root password on Ubuntu, which is essential for database security.
Warning: As of July 2022, an error will occur when you run the `mysql_secure_installation` script without some further configuration. The reason is that this script will attempt to set a password for the installation’s root MySQL account but, by default on Ubuntu installations, this account is not configured to connect using a password.
On Ubuntu 24.04, the default behavior is the same as 22.04: the root account uses auth_socket. Adjust authentication before running mysql_secure_installation.
Prior to July 2022, this script would silently fail after attempting to set the root account password and continue on with the rest of the prompts. However, as of this writing the script will return the following error after you enter and confirm a password:
Output
... Failed! Error: SET PASSWORD has no significance for user 'root'@'localhost' as the authentication method used doesn't store authentication data in the MySQL server. Please consider using ALTER USER instead if you want to change authentication parameters.
New password:
This will lead the script into a recursive loop which you can only get out of by closing your terminal window.
Because the `mysql_secure_installation` script performs a number of other actions that are useful for keeping your MySQL installation secure, it’s still recommended that you run it before you begin using MySQL to manage your data. To avoid entering this recursive loop, though, you’ll need to first adjust how your root MySQL user authenticates.
First, open up the MySQL prompt:
- sudo mysql
Then run the following `ALTER USER` command to change the root user’s authentication method to one that uses a password. The following example changes the authentication method to `mysql_native_password`:
- ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
After making this change, exit the MySQL prompt:
- exit
Following that, you can run the `mysql_secure_installation` script without issue.
Run the security script with `sudo`:
- sudo mysql_secure_installation
This will take you through a series of prompts where you can make some changes to your MySQL installation’s security options. The first prompt will ask whether you’d like to set up the Validate Password Plugin, which can be used to test the password strength of new MySQL users before deeming them valid.
If you elect to set up the Validate Password Plugin, any MySQL user you create that authenticates with a password will be required to have a password that satisfies the policy you select:
Output
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: Y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
2
Regardless of whether you choose to set up the Validate Password Plugin, the next prompt will be to set a password for the MySQL root user. Enter and then confirm a secure password of your choice:
Output
Please set the password for root here.
New password:
Re-enter new password:
Note that even though you’ve set a password for the root MySQL user, this user is not currently configured to authenticate with a password when connecting to the MySQL shell.
If you used the Validate Password Plugin, you’ll receive feedback on the strength of your new password. Then the script will ask if you want to continue with the password you just entered or if you want to enter a new one. Assuming you’re satisfied with the strength of the password you just entered, enter `Y` to continue the script:
Output
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
From there, you can press `Y` and then `ENTER` to accept the defaults for all the subsequent questions. This will remove some anonymous users and the test database, disable remote root logins, and load these new rules so that MySQL immediately respects the changes you have made.
Note: Once the security script completes, you can then reopen MySQL and change the root user’s authentication method back to the default, `auth_socket`. To authenticate as the root MySQL user using a password, run this command:
- mysql -u root -p
Then go back to using the default authentication method using this command:
- ALTER USER 'root'@'localhost' IDENTIFIED WITH auth_socket;
This will mean that you can once again connect to MySQL as your root user using the `sudo mysql` command.
Once the script completes, your MySQL installation will be secured. You can now move on to creating a dedicated database user with the MySQL client.
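To confirm what the security script and the `auth_socket` note above are meant to leave behind, the following added example (not part of the original tutorial) reviews the account list for anonymous users, remote root logins, a root account still on password authentication, and wildcard hosts. The function names and the sample rows are constructed for illustration.

```shell
#!/bin/sh
# Added example: review MySQL accounts for the conditions that
# mysql_secure_installation is meant to clear. Live input would come from:
#   sudo mysql -N -B -e "SELECT user, host, plugin FROM mysql.user"

# audit_mysql_accounts: reads tab-separated "user<TAB>host<TAB>plugin" rows
# on stdin and prints "CODE<TAB>account<TAB>detail" for each finding.
audit_mysql_accounts() {
    awk -F '\t' '
    function report(code, detail,    who) {
        who = ($1 == "" ? "(anonymous)" : $1) "@" $2
        printf "%s\t%s\t%s\n", code, who, detail
    }
    NF < 3 { next }                       # skip blank or malformed rows
    $1 == "" {
        report("ANONYMOUS_USER", "account with an empty user name")
    }
    $1 == "root" && $2 != "localhost" && $2 != "127.0.0.1" && $2 != "::1" {
        report("REMOTE_ROOT", "root can log in from a non-local host")
    }
    $1 == "root" && $2 == "localhost" && $3 != "auth_socket" {
        report("ROOT_NOT_AUTH_SOCKET", "root uses " $3 " instead of auth_socket")
    }
    index($2, "%") > 0 {
        report("WILDCARD_HOST", "host pattern accepts many client addresses")
    }'
}

# count_findings CODE: number of findings with that code in audit output.
count_findings() {
    awk -F '\t' -v code="$1" '$1 == code { n++ } END { print n + 0 }'
}

# Constructed sample rows (not taken from a real server).
sample_accounts() {
    printf '%s\t%s\t%s\n' \
        'root' 'localhost' 'mysql_native_password' \
        'root' '%' 'caching_sha2_password' \
        '' 'localhost' 'caching_sha2_password' \
        'sammy' 'localhost' 'caching_sha2_password' \
        'mysql.sys' 'localhost' 'caching_sha2_password' \
        'debian-sys-maint' 'localhost' 'caching_sha2_password'
}

# Demonstration on the constructed rows.
sample_accounts | audit_mysql_accounts
```

An empty result means none of the four conditions is present in the rows supplied.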
This section explains how to create a non-root MySQL user with the minimum privileges required for applications, improving security and manageability. By setting up dedicated users, you avoid exposing the powerful root account for daily operations.
Upon installation, MySQL creates a root user account which you can use to manage your database. This user has full privileges over the MySQL server, meaning it has complete control over every database, table, user, and so on. Because of this, it’s best to avoid using this account outside of administrative functions. This step outlines how to use the root MySQL user to create a new user account and grant it privileges.
In Ubuntu systems running MySQL 5.7 (and later versions), the root MySQL user is set to authenticate using the `auth_socket` plugin by default rather than with a password. This plugin requires that the name of the operating system user that invokes the MySQL client matches the name of the MySQL user specified in the command, so you must invoke `mysql` with `sudo` privileges to gain access to the root MySQL user:
- sudo mysql
Note: If you installed MySQL with another tutorial and enabled password authentication for root, you will need to use a different command to access the MySQL shell. The following will run your MySQL client with regular user privileges, and you will only gain administrator privileges within the database by authenticating:
- mysql -u root -p
Once you have access to the MySQL prompt, you can create a new user with a `CREATE USER` statement. These follow this general syntax:
- CREATE USER 'username'@'host' IDENTIFIED WITH authentication_plugin BY 'password';
After `CREATE USER`, you specify a username. This is immediately followed by an `@` sign and then the hostname from which this user will connect. If you only plan to access this user locally from your Ubuntu server, you can specify `localhost`. Wrapping both the username and host in single quotes isn’t always necessary, but doing so can help to prevent errors.
You have several options when it comes to choosing your user’s authentication plugin. The `auth_socket` plugin mentioned previously can be convenient, as it provides strong security without requiring valid users to enter a password to access the database. But it also prevents remote connections, which can complicate things when external programs need to interact with MySQL.
As an alternative, you can leave out the `WITH authentication_plugin` portion of the syntax entirely to have the user authenticate with MySQL’s default plugin, `caching_sha2_password`. The MySQL documentation recommends this plugin for users who want to log in with a password due to its strong security features.
Run the following command to create a user that authenticates with `caching_sha2_password`. Be sure to change `sammy` to your preferred username and `password` to a strong password of your choosing:
- CREATE USER 'sammy'@'localhost' IDENTIFIED BY 'password';
Note: There is a known issue with some versions of PHP that causes problems with `caching_sha2_password`. If you plan to use this database with a PHP application (phpMyAdmin, for example), you may want to create a user that will authenticate with the older, though still secure, `mysql_native_password` plugin instead:
- CREATE USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
If you aren’t sure, you can always create a user that authenticates with `caching_sha2_password` and then `ALTER` it later on with this command:
- ALTER USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
After creating your new user, you can grant them the appropriate privileges. The general syntax for granting user privileges is as follows:
- GRANT PRIVILEGE ON database.table TO 'username'@'host';
The `PRIVILEGE` value in this example syntax defines what actions the user is allowed to perform on the specified `database` and `table`. You can grant multiple privileges to the same user in one command by separating each with a comma. You can also grant a user privileges globally by entering asterisks (`*`) in place of the database and table names. In SQL, asterisks are special characters used to represent “all” databases or tables.
To illustrate, the following command grants a user global privileges to `CREATE`, `ALTER`, and `DROP` databases, tables, and users, as well as the power to `INSERT`, `UPDATE`, and `DELETE` data from any table on the server. It also grants the user the ability to query data with `SELECT`, create foreign keys with the `REFERENCES` keyword, and perform `FLUSH` operations with the `RELOAD` privilege. However, you should only grant users the permissions they need, so feel free to adjust your own user’s privileges as necessary.
You can find the full list of available privileges in the official MySQL documentation.
Run this `GRANT` statement, replacing `sammy` with your own MySQL user’s name, to grant these privileges to your user:
- GRANT CREATE, ALTER, DROP, INSERT, UPDATE, INDEX, DELETE, SELECT, REFERENCES, RELOAD on *.* TO 'sammy'@'localhost' WITH GRANT OPTION;
Note that this statement also includes `WITH GRANT OPTION`. This will allow your MySQL user to grant any permissions that it has to other users on the system.
Warning: Some users may want to grant their MySQL user the `ALL PRIVILEGES` privilege, which will provide them with broad superuser privileges akin to the root user’s privileges, like so:
- GRANT ALL PRIVILEGES ON *.* TO 'sammy'@'localhost' WITH GRANT OPTION;
Such broad privileges should not be granted lightly, as anyone with access to this MySQL user will have complete control over every database on the server.
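As a narrower alternative to the global `*.*` grants above, the following added example (not from the original tutorial) prints the SQL for an application account limited to a single database. The function name, the privilege allowlist, the no-wildcard-host rule and the sample values `appdb`, `app` and `203.0.113.10` are assumptions of this example; `IDENTIFIED BY RANDOM PASSWORD` requires MySQL 8.0.18 or later.

```shell
#!/bin/sh
# Added example (not from the tutorial): print SQL for an application account
# limited to one database, as an alternative to the global *.* grants above.
# The allowlist and the no-wildcard-host rule are this example's own policy.
# Usage: scoped_user_sql DB USER HOST [PRIVILEGES] | sudo mysql

ALLOWED_PRIVS="SELECT,INSERT,UPDATE,DELETE,CREATE,ALTER,DROP,INDEX,REFERENCES"

scoped_user_sql() (
    db=$1; user=$2; host=$3
    want=${4:-SELECT, INSERT, UPDATE, DELETE}

    # These values are interpolated into SQL, so accept only plain names.
    for name in "$db" "$user"; do
        case $name in
            ''|*[!A-Za-z0-9_]*) echo "invalid identifier: $name" >&2; exit 1 ;;
        esac
    done
    # The host must be one literal name or address, never a % pattern.
    case $host in
        ''|*[!A-Za-z0-9.:-]*) echo "invalid host: $host" >&2; exit 1 ;;
    esac

    # Normalise the privilege list and reject anything off the allowlist
    # (ALL PRIVILEGES, GRANT OPTION and global-only privileges included).
    privs=$(printf '%s\n' "$want" | awk -v allowed="$ALLOWED_PRIVS" '
        BEGIN { n = split(allowed, a, ","); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        {
            m = split(toupper($0), p, ",")
            for (i = 1; i <= m; i++) {
                gsub(/^ +| +$/, "", p[i])
                if (!(p[i] in ok)) exit 1
                sep = (i > 1) ? ", " : ""
                out = out sep p[i]
            }
            print out
        }') || { echo "privilege not allowed in: $want" >&2; exit 1; }

    # Network accounts must use TLS; local socket accounts are left as-is.
    case $host in
        localhost|127.0.0.1|::1) tls="" ;;
        *) tls=" REQUIRE SSL" ;;
    esac

    acct="'$user'@'$host'"
    # RANDOM PASSWORD makes the server generate the password and return it
    # once in the result set, keeping it out of shell history.
    printf 'CREATE USER %s IDENTIFIED BY RANDOM PASSWORD%s;\n' "$acct" "$tls"
    printf 'GRANT %s ON `%s`.* TO %s;\n' "$privs" "$db" "$acct"
    printf 'SHOW GRANTS FOR %s;\n' "$acct"
)

# Demonstration with constructed values.
scoped_user_sql appdb app 203.0.113.10 || true
```

Piping the output into `sudo mysql` creates the account and prints the generated password once, so record it at that point.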
Following this, it’s good practice to run the `FLUSH PRIVILEGES` command. This will free up any memory that the server cached as a result of the preceding `CREATE USER` and `GRANT` statements:
- FLUSH PRIVILEGES;
Then you can exit the MySQL client:
- exit
In the future, to log in as your new MySQL user, you’d use a command like the following:
- mysql -u sammy -p
The `-p` flag will cause the MySQL client to prompt you for your MySQL user’s password in order to authenticate.
Finally, let’s test the MySQL installation.
This step verifies your MySQL installation by checking its status and performing simple operations to ensure it is working properly. You’ll confirm that the MySQL service is running and that you can connect, create databases, and interact with the server as expected.
To verify MySQL is running, check its status:
systemctl status mysql.service
Sample output:
Output
● mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-04-11 16:04:39 UTC; 2h 36min ago
Process: 2593 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
Main PID: 2601 (mysqld)
Status: "Server is operational"
Tasks: 38 (limit: 1119)
Memory: 354.3M
CPU: 19.944s
CGroup: /system.slice/mysql.service
└─2601 /usr/sbin/mysqld
Note: Version numbers and output may differ slightly depending on your Ubuntu repository version and MySQL package updates.
If MySQL isn’t running, start it with:
sudo systemctl start mysql
To further test, connect with `mysqladmin` as your MySQL user (replace `sammy` with your username):
mysqladmin -p -u sammy version
Sample output:
Output
mysqladmin Ver 8.0.28-0ubuntu4 for Linux on x86_64 ((Ubuntu))
Copyright (c) 2000, 2022, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Server version 8.0.28-0ubuntu4
Protocol version 10
Connection Localhost via UNIX socket
UNIX socket /var/run/mysqld/mysqld.sock
Uptime: 2 hours 31 min 57 sec
Threads: 2 Questions: 25 Slow queries: 0 Opens: 160 Flush tables: 3 Open tables: 79 Queries per second avg: 0.000
To test database creation and listing, use:
mysql -u sammy -p -e "CREATE DATABASE appdb; SHOW DATABASES;"
Sample output:
Enter password:
Database
appdb
information_schema
mysql
performance_schema
sys
This confirms you can create and list databases, and that MySQL is up and running.
Once MySQL is running, test application connectivity to confirm everything works end-to-end.
Python:
pip install mysql-connector-python
import mysql.connector
# Connect as the application user and run a trivial query.
cnx = mysql.connector.connect(host="localhost", user="app", password="•••", database="appdb")
cur = cnx.cursor()
cur.execute("SELECT 1")
print(cur.fetchone())
cur.close()
cnx.close()
Node.js:
npm install mysql2
const mysql = require('mysql2/promise');
(async () => {
  // Connect as the application user and run a trivial query.
  const conn = await mysql.createConnection({host: 'localhost', user: 'app', password: '•••', database: 'appdb'});
  const [rows] = await conn.execute('SELECT 1 AS ok');
  console.log(rows[0]);
  await conn.end();
})();
PHP:
<?php
// Connect as the application user and run a trivial query.
$pdo = new PDO('mysql:host=localhost;dbname=appdb', 'app', '•••');
var_dump($pdo->query('SELECT 1 AS ok')->fetch());
These examples validate that your application can connect to MySQL and run queries, closing the loop from installation to real usage.
Best Practices
- `REQUIRE SSL` on users that connect over the network.
- `GRANT` limited to the specific database (avoid `*.*`).
- `mysql.user` regularly.

Learn how to start, stop, restart, and enable MySQL to start on boot in Ubuntu so you can control uptime and reliability. Service management is essential for maintaining your MySQL server’s availability and ensuring it recovers automatically after reboots.
MySQL on Ubuntu (22.04 and later) uses `systemd` for service management. Use the following commands to control the MySQL service, including how to start MySQL and enable it to start on boot in Ubuntu:
Start MySQL:
sudo systemctl start mysql
Stop MySQL:
sudo systemctl stop mysql
Restart MySQL:
sudo systemctl restart mysql
Check MySQL status:
sudo systemctl status mysql
Sample output:
● mysql.service - MySQL Community Server
Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
Active: active (running) since ...
...
Enable MySQL to start on boot:
sudo systemctl enable mysql
Disable MySQL from starting on boot:
sudo systemctl disable mysql
These commands allow you to start, stop, restart, check the status of, and control auto-start for the MySQL service using standard `systemd` utilities on Ubuntu (22.04 and 24.04).
Configure your MySQL UFW Firewall settings to control remote access and reduce attack surface. Limiting network access to your MySQL server is a critical security measure, especially when running production databases.
By default, MySQL listens only on `localhost` (127.0.0.1), making it inaccessible from remote hosts, which is secure for most use cases. If you need to allow remote access (for example, from another server), you must explicitly allow traffic on port 3306 using UFW firewall rules.
Allow remote access from a specific IP:
sudo ufw allow from <YOUR_IP> to any port 3306
Check UFW status and rules:
sudo ufw status
Security best practice:
Only allow trusted IP addresses to access MySQL port 3306. Avoid using `sudo ufw allow 3306` without an IP restriction, as this exposes your database to the entire internet and poses a significant security risk.
For most applications, keeping MySQL bound to localhost is safest. Only open port 3306 if you require remote connections and always restrict access to specific IPs.
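To check the two settings discussed above together, the following added example (not part of the original tutorial) reads the `bind-address` value and the `ufw status` output and reports whether port 3306 is reachable from arbitrary hosts. The function names and the sample configuration and rule listing are constructed for illustration; an unset `bind-address` is treated as network-bound because MySQL then listens on all interfaces.

```shell
#!/bin/sh
# Added example: decide whether MySQL is reachable from arbitrary hosts by
# combining bind-address with the UFW rules for port 3306. Live input:
#   addr=$(bind_address < /etc/mysql/mysql.conf.d/mysqld.cnf)
#   sudo ufw status | mysql_exposure "$addr"

# bind_address: print the last uncommented bind-address value in a
# mysqld.cnf-style file read from stdin (prints an empty line if unset).
bind_address() {
    awk -F '=' '
    /^[ \t]*[#;]/ { next }
    { key = $1; gsub(/[ \t]/, "", key) }
    key == "bind-address" || key == "bind_address" {
        val = $2; gsub(/[ \t]/, "", val); found = val
    }
    END { print found }'
}

# open_mysql_rules [PORT]: from `ufw status` output on stdin, print every
# ALLOW rule for the port whose source is Anywhere (IPv4 or IPv6).
open_mysql_rules() {
    awk -v port="${1:-3306}" '
    {
        line = $0
        gsub(/\(v6\)/, "", line)          # "3306 (v6)" and "Anywhere (v6)"
        n = split(line, f, " ")
        if (n < 3 || (f[1] != port && f[1] != (port "/tcp"))) next
        for (i = 2; i <= n; i++) if (f[i] == "ALLOW") break
        if (i > n) next                   # DENY, REJECT, LIMIT, headers
        src = f[i + 1]
        if (src == "IN") src = f[i + 2]   # `ufw status verbose` prints ALLOW IN
        if (src == "Anywhere") print $0
    }'
}

# mysql_exposure BIND_ADDR: reads `ufw status` output on stdin and prints
#   local-only  server bound to loopback, firewall rules irrelevant
#   unfiltered  network-bound and UFW is inactive
#   exposed     network-bound and 3306 is allowed from Anywhere
#   restricted  network-bound, no Anywhere rule for 3306
mysql_exposure() {
    status=$(cat)
    case $1 in
        127.0.0.1|localhost|::1) echo "local-only"; return 0 ;;
    esac
    if printf '%s\n' "$status" | grep -q '^Status: inactive'; then
        echo "unfiltered"
    elif [ -n "$(printf '%s\n' "$status" | open_mysql_rules)" ]; then
        echo "exposed"
    else
        echo "restricted"
    fi
}

# Constructed samples (not captured from a real host).
sample_cnf() {
    cat <<'EOF'
[mysqld]
# bind-address = 127.0.0.1
bind-address            = 0.0.0.0
mysqlx-bind-address     = 127.0.0.1
EOF
}
sample_ufw_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
3306                       ALLOW       203.0.113.10
3306/tcp                   ALLOW       Anywhere
3306/tcp (v6)              ALLOW       Anywhere (v6)
EOF
}

# Demonstration on the constructed samples.
sample_ufw_status | mysql_exposure "$(sample_cnf | bind_address)"
```

The check covers UFW only; a cloud security group or upstream firewall in front of the host is outside what it can see.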
Understand the primary scenarios where MySQL shines on Ubuntu, from LAMP stack deployments to analytics. This section explores how MySQL is used on Ubuntu (22.04 and later) in web applications, business systems, analytics, and more.
MySQL is a foundational database engine for countless workloads on Ubuntu (22.04 and later), from small projects to global-scale enterprise deployments. Its flexibility, performance, and open-source nature make it a top choice for developers and system architects. Below are some of the most important and high-impact scenarios where MySQL excels on Ubuntu (22.04 and later), along with expert insights and best practices:
MySQL is the “M” in the classic LAMP stack (Linux, Apache/Nginx, MySQL, PHP/Python/Perl). This stack underpins millions of websites, from personal blogs to high-traffic e-commerce platforms. MySQL’s ACID compliance, robust transaction support, and mature SQL implementation make it ideal for handling user authentication, session management, content storage, and transactional business logic. On Ubuntu, MySQL integrates seamlessly with both Apache and Nginx, and is easily managed via systemd and APT.
HQ Tip: For high-availability web applications, consider MySQL replication (master-slave or group replication) and automated failover with tools like MHA or Orchestrator. Use connection pooling (e.g., ProxySQL, MySQL Router) to maximize throughput.
The majority of popular content management systems, including WordPress, Joomla, and Drupal, use MySQL as their default backend. MySQL stores all site content, user data, plugin settings, and metadata, making it the backbone of dynamic websites. On Ubuntu (22.04 and later), MySQL’s security features (like `mysql_secure_installation`, granular user privileges, and SSL support) help ensure a hardened CMS deployment.
HQ Tip: For large or high-traffic CMS sites, optimize MySQL’s InnoDB buffer pool, enable slow query logging, and use caching plugins at the application level. Regularly back up your MySQL data using `mysqldump` or logical/physical backup tools like Percona XtraBackup.
MySQL is widely used for internal business tools such as HR management systems, ticketing platforms, inventory control, and CRM dashboards. Running MySQL on Ubuntu gives organizations full control over their data, supports compliance with regulatory requirements (GDPR, HIPAA, etc.), and allows for custom security policies. MySQL’s role-based access control and audit plugins can help enforce least-privilege access and track data changes.
HQ Tip: For sensitive internal data, enable encrypted connections (TLS/SSL), use encrypted tablespaces (InnoDB), and restrict network access to trusted hosts only. Consider using MySQL Enterprise Audit or open-source alternatives for compliance logging.
MySQL’s support for complex queries, indexing, and partitioning makes it suitable for analytics pipelines, reporting dashboards, and log/event storage. While not a full data warehouse, MySQL can power business intelligence tools (e.g., Grafana, Metabase, Superset) and ETL workflows. Features like window functions, CTEs, and JSON support (in MySQL 8+) enable advanced data transformations directly in SQL.
HQ Tip: For analytics workloads, use columnar storage engines (e.g., MySQL HeatWave, MariaDB ColumnStore) or integrate MySQL with external analytics platforms. Regularly analyze and optimize slow queries, and consider sharding or read replicas for scaling.
MySQL is a proven choice for e-commerce platforms (Magento, WooCommerce, custom carts) due to its transactional integrity, foreign key support, and ability to handle high volumes of concurrent reads and writes. On Ubuntu, MySQL can be tuned for write-heavy workloads and integrated with payment gateways, inventory systems, and order management tools.
HQ Tip: Enable binary logging for point-in-time recovery, use strong password policies, and monitor for deadlocks and long-running transactions. For PCI DSS compliance, ensure encrypted connections and regular vulnerability patching.
Modern microservices and RESTful APIs often use MySQL as a persistent store, leveraging its mature drivers for Go, Python, Node.js, Java, and more. MySQL’s JSON data type and flexible indexing make it suitable for semi-structured data and hybrid workloads. On Ubuntu, MySQL can be containerized (Docker, Kubernetes) or managed via cloud services.
HQ Tip: For cloud-native deployments, use MySQL Operator for Kubernetes, automate backups and failover, and monitor with Prometheus exporters. Consider managed MySQL offerings for simplified scaling and maintenance.
These use cases demonstrate why MySQL remains one of the world’s most trusted open-source relational databases. Its combination of stability, scalability, security features, and a vast ecosystem—along with first-class support on Ubuntu—make it a future-proof choice for developers, sysadmins, and data professionals. Whether you’re building a simple website or a mission-critical enterprise system, MySQL on Ubuntu (22.04 and later) provides the flexibility and reliability you need to succeed.
Use this section to diagnose common errors such as port conflicts, authentication failures, and service startup issues. Troubleshooting is essential for resolving problems that may arise during or after your MySQL Ubuntu installation.
MySQL is a robust database system, but you may occasionally encounter issues during installation, configuration, or day-to-day operation. Below is an expanded guide to help you diagnose and resolve some of the most common MySQL problems on Ubuntu (22.04 and 24.04).
Problem | Cause | Solution |
---|---|---|
Port 3306 already in use | Another process/service is using port 3306 | Identify the process (sudo lsof -i :3306 , sudo netstat -tulpn | grep 3306 ); stop the conflicting service or change MySQL’s port in /etc/mysql/mysql.conf.d/mysqld.cnf ; then restart MySQL (sudo systemctl restart mysql ). Docs |
Access denied for user | Incorrect username/password, user lacks privileges, or wrong host | Verify username/password/host; list users and hosts (SELECT User,Host FROM mysql.user; ); grant required privileges (e.g., GRANT ALL PRIVILEGES ON dbname.* TO 'user'@'host'; ); run FLUSH PRIVILEGES; . Docs |
Authentication plugin mismatch error | MySQL user uses a plugin (e.g., caching_sha2_password ) not supported by client | Check current plugin (SELECT user,host,plugin FROM mysql.user; ); switch if needed (e.g., ALTER USER 'user'@'host' IDENTIFIED WITH mysql_native_password BY 'password'; ); FLUSH PRIVILEGES; ; ensure your client supports the chosen plugin. Docs |
MySQL service fails to start | Corrupted data, misconfiguration, insufficient permissions/resources | Inspect logs (sudo journalctl -u mysql , sudo less /var/log/mysql/error.log ); fix config errors under /etc/mysql/ , ensure disk/memory/permissions are sufficient, repair tables if required (mysqlcheck --all-databases --repair -u root -p ); restart MySQL. Docs |
Can’t connect to MySQL server | MySQL not running, firewall blocking, or wrong bind-address | Confirm service is running (sudo systemctl status mysql ); start if stopped (sudo systemctl start mysql ); review firewall (sudo ufw status ) and allow remote access only from trusted IPs (sudo ufw allow from <YOUR_IP> to any port 3306 when needed); verify bind-address in /etc/mysql/mysql.conf.d/mysqld.cnf (127.0.0.1 for local-only, 0.0.0.0 for remote). |
Database corruption or table errors | Unexpected shutdowns, disk issues, or software bugs | Review error logs for corruption indicators; repair with mysqlcheck --all-databases --repair -u root -p ; for InnoDB, consider forced recovery per docs; always back up before repair. InnoDB Recovery Docs |
Slow queries or performance issues | Unoptimized queries, missing indexes, insufficient resources | Enable slow query log (set slow_query_log = 1 in /etc/mysql/mysql.conf.d/mysqld.cnf ); analyze with mysqldumpslow /var/log/mysql/mysql-slow.log ; add indexes, optimize queries, consider more resources; use EXPLAIN to inspect plans. Docs |
Check MySQL Service Status:
sudo systemctl status mysql
Review Log Files:
/var/log/mysql/error.log
`journalctl -u mysql` for systemd logs
Test Connection Locally and Remotely:
mysql -u root -p
mysql -h <server_ip> -u user -p
Check Firewall and Network Settings:
Validate Configuration Files:
`/etc/mysql/mysql.conf.d/` can prevent startup.
Restart MySQL After Changes:
sudo systemctl restart mysql
Backup Before Major Changes:
If you encounter an issue not listed here, consult the MySQL documentation or search for the specific error message. The MySQL community forums and Stack Overflow are also excellent resources for troubleshooting complex or unusual problems.
Expose your Ubuntu MySQL instance (22.04 and later) to Claude Code via the open‑source MCP Server for MySQL. The server runs alongside Claude and acts as a controlled adapter to your database: read‑only by default, explicit write flags for INSERT/UPDATE/DELETE, and sensible limits for timeouts, pooling, and rate‑limiting. For production, run it over a local socket or a locked‑down TCP channel (SSH tunnel or TLS) and use a least‑privilege MySQL user.
- `PATH`.
- `claude` available in your shell).
- `app@appdb`) with privileges scoped to the target database.
- `sudo ufw allow from <YOUR_IP> to any port 3306`).

# Install the MCP server
npm install -g @benborla29/mcp-server-mysql
# Add to Claude Code in read‑only mode (recommended)
claude mcp add mcp_server_mysql \
-e MYSQL_HOST="127.0.0.1" \
-e MYSQL_PORT="3306" \
-e MYSQL_USER="app" \
-e MYSQL_PASS="••••••••" \
-e MYSQL_DB="appdb" \
-e MYSQL_SSL="true" \
-e ALLOW_INSERT_OPERATION="false" \
-e ALLOW_UPDATE_OPERATION="false" \
-e ALLOW_DELETE_OPERATION="false" \
-- npx @benborla29/mcp-server-mysql
claude mcp add mcp_server_mysql \
-e MYSQL_SOCKET_PATH="/var/run/mysqld/mysqld.sock" \
-e MYSQL_USER="app" \
-e MYSQL_PASS="••••••••" \
-e MYSQL_DB="appdb" \
-- npx @benborla29/mcp-server-mysql
Create a local tunnel that forwards your laptop’s port 3306 to the remote server’s 3306:
ssh -N -L 3306:127.0.0.1:3306 user@db-host
Then point the MCP server at `127.0.0.1:3306` as in Option A. For persistent tunnels, use a systemd user service or a tool like `autossh`.
# Local (default): only for current project
claude mcp add mcp_server_mysql [options]
# User scope: available to all projects
claude mcp add mcp_server_mysql -s user [options]
# Project scope: shared via .mcp.json with the team
claude mcp add mcp_server_mysql -s project [options]
By default, all queries run in read‑only transactions. If you truly need writes, enable flags explicitly and use a dedicated, scoped user:
-e ALLOW_INSERT_OPERATION="true" \
-e ALLOW_UPDATE_OPERATION="true" \
-e ALLOW_DELETE_OPERATION="true"
Pair this with database‑scoped grants only (avoid *.*).
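One way to check the "database‑scoped grants only" rule before enabling any write flag, as an added example that is not part of the original tutorial or of the MCP server project: a POSIX shell function that reads SHOW GRANTS output and flags anything beyond read‑only access to one database. The function name, the finding labels and the sample grant lines are constructed for illustration; app and appdb are the user and database used above.

```shell
# Added example (not from the tutorial). Real input would come from:
#   sudo mysql -N -e "SHOW GRANTS FOR 'app'@'localhost'" | audit_grants appdb
# audit_grants DB: reads SHOW GRANTS lines on stdin, prints one finding per
# problem, and exits 1 if anything exceeds read-only access to DB.
audit_grants() (
  set -f                                   # no globbing while splitting lists
  db=$1 rc=0
  while IFS= read -r line; do
    case $line in
      "GRANT "*" ON "*" TO "*) ;;
      "GRANT "*) echo "ROLE_OR_PROXY: $line"; rc=1; continue ;;
      *) continue ;;                       # header or blank line
    esac
    privs=${line#GRANT }; privs=${privs%% ON *}
    privs=$(printf '%s' "$privs" | sed 's/ *([^)]*)//g')   # drop column lists
    scope=${line#* ON }; scope=${scope%% TO *}
    scope=$(printf '%s' "$scope" | tr -d '\140')           # strip backticks
    # MySQL always lists USAGE ON *.*; it grants nothing.
    [ "$privs ON $scope" = "USAGE ON *.*" ] && continue
    if [ "$scope" = "*.*" ]; then
      echo "GLOBAL: $privs ON $scope"; rc=1
    elif [ "${scope%%.*}" != "$db" ]; then
      echo "OTHER_DB: $privs ON $scope"; rc=1
    fi
    old_ifs=$IFS; IFS=,
    for p in $privs; do
      case ${p# } in
        SELECT|"SHOW VIEW") ;;             # allowlist for a read-only user
        *) echo "NOT_READ_ONLY: ${p# } ON $scope"; rc=1 ;;
      esac
    done
    IFS=$old_ifs
    case $line in *" WITH GRANT OPTION"*) echo "GRANT_OPTION: $scope"; rc=1 ;; esac
  done
  exit "$rc"
)
# Constructed SHOW GRANTS output (not captured from a real server).
sample_scoped() { cat <<'EOF'
GRANT USAGE ON *.* TO `app`@`localhost`
GRANT SELECT, SHOW VIEW ON `appdb`.* TO `app`@`localhost`
EOF
}
sample_broad() { cat <<'EOF'
GRANT SELECT, INSERT, UPDATE, DELETE ON *.* TO `app`@`localhost` WITH GRANT OPTION
GRANT ALL PRIVILEGES ON `billing`.* TO `app`@`localhost`
EOF
}
sample_scoped | audit_grants appdb && echo "scoped sample: OK"
sample_broad | audit_grants appdb || echo "broad sample: fix grants first"
```

If you do enable the write flags, widen the allowlist in the inner case to exactly the privileges you granted, so the check still fails on anything unexpected.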
To let Claude switch between databases, omit MYSQL_DB:
claude mcp add mcp_server_mysql_multi \
-e MYSQL_HOST="127.0.0.1" \
-e MYSQL_PORT="3306" \
-e MYSQL_USER="app" \
-e MYSQL_PASS="••••••••" \
-e MULTI_DB_WRITE_MODE="false" \
-- npx @benborla29/mcp-server-mysql
In multi‑DB mode, use fully qualified names (db.table) or USE db;. For granular control across environments:
SCHEMA_INSERT_PERMISSIONS=development:true,test:true,production:false
SCHEMA_UPDATE_PERMISSIONS=development:true,test:true,production:false
SCHEMA_DELETE_PERMISSIONS=development:false,test:true,production:false
SCHEMA_DDL_PERMISSIONS=development:false,test:true,production:false
Enable TLS when your server supports it:
-e MYSQL_SSL="true"
Use trusted certificates on the server side; prefer TLS or an SSH tunnel over raw public TCP. Validate CA trust where required by your platform or managed database.
# List configured servers
claude mcp list
# Inspect configuration for your server
claude mcp get mcp_server_mysql
# Inside Claude Code chat, check status
/mcp
Run a simple read query (e.g., SELECT 1) through the MCP tool to confirm end‑to‑end access.
Cannot connect: Verify MySQL is running (systemctl status mysql), credentials, and firewall/UFW. Check that the tunnel (if any) is active.
Auth plugin mismatch: Ensure your MySQL user uses a client‑supported plugin (caching_sha2_password recommended). Adjust with:
ALTER USER 'app'@'localhost' IDENTIFIED WITH mysql_native_password BY 'StrongPassword';
FLUSH PRIVILEGES;
PATH/NODE_PATH issues (local repo runs): set explicit paths in the Claude config so node and global modules resolve.
Module errors (e.g., dotenv): run with extra package if needed:
npx -y -p @benborla29/mcp-server-mysql -p dotenv mcp-server-mysql
Rate limits/timeouts: tune MYSQL_POOL_SIZE, MYSQL_QUERY_TIMEOUT, MYSQL_RATE_LIMIT, and enable logs/metrics with MYSQL_ENABLE_LOGGING=true.
Repo: Source, changelog, and issues are maintained at github.com/benborla/mcp-server-mysql.
Use the APT package manager to install MySQL on Ubuntu (22.04 and later):
sudo apt update && sudo apt install mysql-server
sudo systemctl status mysql
This installs MySQL from Ubuntu’s default repositories and starts the service. Verify the UNIX socket path and listening ports if needed:
sudo ss -lntp | grep 3306 || true
sudo mysql -e "SELECT @@socket, @@port;"
If the service is inactive, start it and re-check status. Keep your system current with sudo apt update && sudo apt upgrade, and consider enabling unattended upgrades on production servers.
Control MySQL with systemd to manage uptime:
sudo systemctl start mysql
sudo systemctl stop mysql
sudo systemctl restart mysql
Use restart after configuration changes; use stop for maintenance windows or backups. Confirm the new state and recent log entries:
systemctl status mysql --no-pager
journalctl -u mysql -n 50 --no-pager
If MySQL fails to start, check /var/log/mysql/error.log for config errors, fix them, and try sudo systemctl daemon-reload && sudo systemctl start mysql.
Set a secure root password to protect access:
sudo mysql
ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'StrongPassword';
exit
sudo mysql_secure_installation
This switches the root account to password authentication and runs the hardening script. Validate the plugin and authentication method:
sudo mysql -e "SELECT user, host, plugin FROM mysql.user WHERE user='root';"
If your client requires caching_sha2_password or another plugin, adjust the ALTER USER accordingly. Always keep root for administration only, and create a separate least-privilege user for applications. Re-run sudo mysql_secure_installation if you change policies later.
Check whether MySQL is running and view version details:
systemctl status mysql
mysql -V
mysqladmin -p -u root version
The first command shows whether the service is active; the latter two print client and server details (protocol, uptime). For deeper health checks, query server variables and engine status:
mysql -u root -p -e "SHOW VARIABLES LIKE 'version%'; SHOW GLOBAL STATUS LIKE 'Uptime';"
If version strings differ between client and server, ensure your client tools match the server repo to avoid incompatibilities. Track uptime and error counts to catch restarts or crashes early.
To enable automatic startup on system boot:
sudo systemctl enable mysql
You can disable it later with:
sudo systemctl disable mysql
Enable ensures MySQL comes up automatically after reboots; disable is useful for maintenance or single-user scenarios. Confirm the unit is enabled and view dependencies:
systemctl is-enabled mysql
systemctl list-dependencies mysql | head -20
For cloud images, also verify that your instance initialization (cloud-init/systemd) does not override service policy.
To remove MySQL completely:
sudo systemctl stop mysql
sudo apt purge mysql-server mysql-client mysql-common
sudo rm -rf /var/lib/mysql /etc/mysql
sudo apt autoremove
Before purging, back up any data you may need, then remove packages and residual configuration. Validate that no MySQL processes or sockets remain:
ps aux | grep -i mysqld | grep -v grep || true
sudo ss -lntp | grep 3306 || true
If you plan to reinstall, run sudo apt update and consider cleaning APT cache with sudo apt autoclean. Recreate /etc/mysql via the package post-install and re-secure with mysql_secure_installation on the fresh install.
Use the open‑source MCP Server for MySQL to let Claude Code inspect schemas and run queries safely. Install Node.js v20+ and the Claude Code CLI. Then install the server globally and register it in read‑only mode, pointing at your local MySQL (TCP) or the Unix socket. For remote databases, create an SSH tunnel and target 127.0.0.1:3306. Verify with claude mcp list and /mcp inside Claude. Always use a least‑privilege DB user, keep port 3306 closed to the internet, prefer TLS, and enable write flags only when required.
npm install -g @benborla29/mcp-server-mysql
claude mcp add mcp_server_mysql \
-e MYSQL_HOST="127.0.0.1" -e MYSQL_PORT="3306" \
-e MYSQL_USER="app" -e MYSQL_PASS="••••••••" -e MYSQL_DB="appdb" \
-e ALLOW_INSERT_OPERATION="false" -e ALLOW_UPDATE_OPERATION="false" -e ALLOW_DELETE_OPERATION="false" \
-- npx @benborla29/mcp-server-mysql
Tip: Use -e MYSQL_SOCKET_PATH="/var/run/mysqld/mysqld.sock" to connect via the local Unix socket. See the GitHub Repository for MCP Server for MySQL - Claude Code Edition for full documentation.
To go beyond the basics and fine‑tune your MySQL deployment, explore these advanced resources:
These resources will help you scale, secure, and optimize MySQL beyond the initial installation.
You now have a secure, production‑ready MySQL 8.x installation on Ubuntu (22.04 and 24.04) with a least‑privilege app user, service management in place, and UFW guidance to keep access local‑only by default. Before you move to production, finalize three items: enable automatic backups, enforce TLS for any remote connections, and monitor logs/slow queries for early warning signals. If you’re upgrading or maintaining older hosts, review the baseline/changes in our Ubuntu 20.04 guide for context and safe migration steps.
Here are a few examples of next steps you can take:
I keep getting the following error on running sudo mysql_secure_installation
... Failed! Error: SET PASSWORD has no significance for user 'root'@'localhost' as the authentication method used doesn't store authentication data in the MySQL server. Please consider using ALTER USER instead if you want to change authentication parameters.
What to do?
It should be mentioned that you have to have at least 1GB RAM on your droplet.
I followed instructions carefully but I still get a recursive loop when I tried to use mysql_secure_installation. What can be wrong? John Higgin in comments mentioned that the computer must have at least 1GB RAM. If I write “free -h”, I get: “Memory 906 Mi”. Can this be a problem?
Your article does not work for MySQL 8. You have an error in the article. Instead of your shown example GRANT PRIVILEGE ... line, it should be like this: https://stackoverflow.com/a/50197630/2377343
Also, please add/mention an example of adding a database like:
CREATE DATABASE testdb1;
and assigning privileges only to that database for particular mysql user.
I am unable to open up airflow webserver after following this guide and am getting 'myuserame@LAPTOP-28BMMQV7:/root$ cd airflow/' bash: cd: airflow/: Permission denied.
and
myusername@LAPTOP-28BMMQV7:/root$ airflow webserver -p 8080 Error: [Errno 13] Permission denied: '/root'
.
can someone help me? https://askubuntu.com/questions/1441722/permissions-problem-in-ubuntu-when-accessing-airflow-webserver-as-root-and-non-r
In step 2 the “ALTER RULE…WITH auth_socket” command must be placed after the “sudo mysql_secure_installation”. Otherwise you get the same ERROR: SET PASSWORD …!