MySQL错误1045(28000):拒绝用户访问';法案'@';本地主机';(使用密码:是)
首先让我提一下,我已经研究了许多建议性的问题,但没有找到相关的答案。这就是我正在做的 我已连接到我的Amazon EC2实例。我可以使用以下命令使用MySQL root登录:MySQL错误1045(28000):拒绝用户访问';法案'@';本地主机';(使用密码:是),mysql,access-denied,Mysql,Access Denied,首先让我提一下,我已经研究了许多建议性的问题,但没有找到相关的答案。这就是我正在做的 我已连接到我的Amazon EC2实例。我可以使用以下命令使用MySQL root登录: mysql -u root -p 然后我用主机% CREATE USER 'bill'@'%' IDENTIFIED BY 'passpass'; 已将所有特权授予用户帐单: grant all privileges on *.* to 'bill'@'%' with grant option; 然后我退出root用
mysql -u root -p
然后我用主机%
CREATE USER 'bill'@'%' IDENTIFIED BY 'passpass';
已将所有特权授予用户帐单:
grant all privileges on *.* to 'bill'@'%' with grant option;
然后我退出root用户并尝试使用bill登录:
mysql -u bill -p
输入了正确的密码并出现以下错误:
错误1045(28000):拒绝用户“bill”@“localhost”的访问(使用密码:YES)
好的,我不确定,但可能是mysql安装目录中的.cnf文件造成的。 把这行注释掉,问题就可以解决了
bind-address = 127.0.0.1
当您键入
mysql-u root-p
时,您正在通过本地unix套接字连接到mysql服务器
然而,您给予的授权,'bill'@'
仅与TCP/IP连接匹配,这一点很奇怪
如果要授予对本地unix套接字的访问权限,则需要将权限授予“bill”@“localhost”,这与“bill”@“127.0.0.1”不同
您还可以使用TCP/IP与mysql命令行客户端连接,以匹配您已经授予的权限,例如运行mysql-u root-p-h 192.168.1.123
或您的设备具有的任何本地IP地址。
mysql -u bill -p
我犯了这个错误
ERROR 1045 (28000): Access denied for user 'bill'@'localhost' (using password: YES)
mysqld希望您以bill@localhost
CREATE USER bill@localhost IDENTIFIED BY 'passpass';
grant all privileges on *.* to bill@localhost with grant option;
尝试创建bill@localhost
CREATE USER bill@localhost IDENTIFIED BY 'passpass';
grant all privileges on *.* to bill@localhost with grant option;
如果要远程连接,必须使用TCP/IP指定DNS名称、公共IP或127.0.0.1:
mysql -u bill -p -hmydb@mydomain.com
mysql -u bill -p -h10.1.2.30
mysql -u bill -p -h127.0.0.1 --protocol=TCP
登录后,请运行此
SELECT USER(),CURRENT_USER();
报告您如何尝试在MySQL中进行身份验证
报告如何允许您从MySQL.user表在MySQL中进行身份验证
这将让您更好地了解如何以及为什么允许您登录mysql。为什么这个观点很重要?它与用户身份验证排序协议有关
下面是一个例子:我将在我的桌面MySQL上创建一个匿名用户
mysql> select user,host from mysql.user;
+---------+-----------+
| user | host |
+---------+-----------+
| lwdba | % |
| mywife | % |
| lwdba | 127.0.0.1 |
| root | 127.0.0.1 |
| lwdba | localhost |
| root | localhost |
| vanilla | localhost |
+---------+-----------+
7 rows in set (0.00 sec)
mysql> grant all on *.* to x@'%';
Query OK, 0 rows affected (0.02 sec)
mysql> select user,host from mysql.user;
+---------+-----------+
| user | host |
+---------+-----------+
| lwdba | % |
| mywife | % |
| x | % |
| lwdba | 127.0.0.1 |
| root | 127.0.0.1 |
| lwdba | localhost |
| root | localhost |
| vanilla | localhost |
+---------+-----------+
8 rows in set (0.00 sec)
mysql> update mysql.user set user='' where user='x';
Query OK, 1 row affected (0.00 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> flush privileges;
Query OK, 0 rows affected (0.01 sec)
mysql> select user,host from mysql.user;
+---------+-----------+
| user | host |
+---------+-----------+
| | % |
| lwdba | % |
| mywife | % |
| lwdba | 127.0.0.1 |
| root | 127.0.0.1 |
| lwdba | localhost |
| root | localhost |
| vanilla | localhost |
+---------+-----------+
8 rows in set (0.00 sec)
mysql>
确定观看我以匿名用户身份登录:
C:\MySQL_5.5.12>mysql -urol -Dtest -h127.0.0.1 --protocol=TCP
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.5.12-log MySQL Community Server (GPL)
Copyright (c) 2000, 2010, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> select user(),current_user();
+---------------+----------------+
| user() | current_user() |
+---------------+----------------+
| rol@localhost | @% |
+---------------+----------------+
1 row in set (0.00 sec)
mysql>
认证顺序非常严格。它从最具体到最不具体地进行检查
必要时,不要忘记显式调用TCP作为mysql客户端的协议。您可能有一个匿名用户
'@'localhost'
或'@'127.0.0.1'
根据:
当可能存在多个匹配项时,服务器必须确定以下哪一项:
使用它们。它解决这个问题如下:(…)
- 当客户端尝试连接时,服务器会按排序顺序查看[表mysql.user]的行
- 服务器使用与客户端主机名和用户名匹配的第一行
localhost
连接时,这样的匿名用户将“屏蔽”任何其他用户,如“[任何用户名]”@“%”
'bill'@'localhost'
确实匹配'bill'@'%
,但会在之前匹配(例如,''localhost'
)
建议的解决方案是删除这个匿名用户(无论如何,这通常是一件好事)
下面的编辑大多与主要问题无关。这些只是为了回答本帖其他评论中提出的一些问题 编辑1 通过套接字验证为
'bill'@'
root@myhost:/home/mysql-5.5.16-linux2.6-x86_64# ./mysql -ubill -ppass --socket=/tmp/mysql-5.5.sock
Welcome to the MySQL monitor (...)
mysql> SELECT user, host FROM mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| bill | % |
| root | 127.0.0.1 |
| root | ::1 |
| root | localhost |
+------+-----------+
4 rows in set (0.00 sec)
mysql> SELECT USER(), CURRENT_USER();
+----------------+----------------+
| USER() | CURRENT_USER() |
+----------------+----------------+
| bill@localhost | bill@% |
+----------------+----------------+
1 row in set (0.02 sec)
mysql> SHOW VARIABLES LIKE 'skip_networking';
+-----------------+-------+
| Variable_name | Value |
+-----------------+-------+
| skip_networking | ON |
+-----------------+-------+
1 row in set (0.00 sec)
编辑3
与编辑2中的情况相同,现在提供匿名用户的密码
root@myhost:/home/mysql-5.5.16-linux2.6-x86_64# ./mysql -ubill -panotherpass -hlocalhost
Welcome to the MySQL monitor (...)
mysql> SELECT USER(), CURRENT_USER();
+----------------+----------------+
| USER() | CURRENT_USER() |
+----------------+----------------+
| bill@localhost | @localhost |
+----------------+----------------+
1 row in set (0.01 sec)
root@myhost:/home/mysql-5.5.16-linux2.6-x86_64#/mysql-ubill-panotherpass-hlocalhost
欢迎使用MySQL监视器(…)
mysql>选择用户(),当前用户();
+----------------+----------------+
|用户()|当前用户()|
+----------------+----------------+
| bill@localhost|@localhost|
+----------------+----------------+
一行一组(0.01秒)
结论1,来自编辑1:可以通过套接字作为“bill”@“
进行身份验证
root@myhost:/home/mysql-5.5.16-linux2.6-x86_64# ./mysql -ubill -ppass --socket=/tmp/mysql-5.5.sock
Welcome to the MySQL monitor (...)
mysql> SELECT user, host FROM mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| bill | % |
| root | 127.0.0.1 |
| root | ::1 |
| root | localhost |
+------+-----------+
4 rows in set (0.00 sec)
mysql> SELECT USER(), CURRENT_USER();
+----------------+----------------+
| USER() | CURRENT_USER() |
+----------------+----------------+
| bill@localhost | bill@% |
+----------------+----------------+
1 row in set (0.02 sec)
mysql> SHOW VARIABLES LIKE 'skip_networking';
+-----------------+-------+
| Variable_name | Value |
+-----------------+-------+
| skip_networking | ON |
+-----------------+-------+
1 row in set (0.00 sec)
结论2,来自编辑2:一个人是通过TCP连接还是通过套接字连接对身份验证过程没有影响(显然,除了通过套接字'something'@'localhost'
之外,他不能作为任何人连接)
结论3,来自编辑3:尽管我指定了
-ubill
,但我已被授予作为匿名用户的访问权限。这是因为上面建议的“排序规则”。请注意,在大多数默认安装中,(并且应该被保护/删除)。解决方案是删除匿名(任何)用户
在其他人设置的服务器上,我也遇到了同样的问题。我通常不会在安装MySQL时创建匿名用户,所以我没有注意到这一点。最初,我以“root”用户身份登录,并创建了两个“普通”用户(即仅在dbs上具有特权且用户名作为前缀的用户),然后注销,然后继续验证第一个普通用户。我无法登录。既不通过phpMyAdmin,也不通过shell。事实证明,罪魁祸首是这个“任何”用户。试试:
~$ mysql -u root -p
Enter Password:
mysql> grant all privileges on *.* to bill@localhost identified by 'pass' with grant option;
我希望在mysql中删除debian sys maint用户不会造成更大的损害 让您的mysql守护进程以正常方式运行。启动mysql客户端,如下所示
mysql -u debian-sys-maint -p
在另一个终端中,cat
文件/etc/mysql/debian.cnf
。该文件包含一个密码;提示输入密码时粘贴该密码
当您运行
mysql-u bill-p
时,localhost
将解析为您的ip,因为它是127.0.0.1,默认情况下位于/etc/hosts
文件中
[client]
user = myusername
password = "mypassword" # <----------------------- VERY IMPORTANT (quotes)
host = localhost
mysql -u mike -p mypass
mysql -u mike -pmypass
ERROR 1045 (28000): Access denied for user 'sonar'@'localhost' (using password: YES)
alm-lt-test.xyz.com
mysql -u sonar -p -halm-lt-test.xyz.com
mysql -u sonar -p -h101.33.65.94
mysql -u sonar -p -h127.0.0.1 --protocol=TCP
mysql -u sonar -p -h172.27.59.54 --protocol=TCP
GRANT ALL ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'sonar';
GRANT ALL ON sonar.* TO 'sonar'@'alm-lt-test.xyz.com' IDENTIFIED BY 'sonar';
GRANT ALL ON sonar.* TO 'sonar'@'127.0.0.1' IDENTIFIED BY 'sonar';
GRANT ALL ON sonar.* TO 'sonar'@'172.27.59.54' IDENTIFIED BY 'sonar';
SQL SECURITY DEFINER
SQL SECURITY INVOKER
CREATE USER 'bill'@'%' IDENTIFIED BY 'passpass';
CREATE USER 'bill'@'localhost' IDENTIFIED BY 'passpass';
mysql> select user,host from mysql.user;
+---------------+----------------------------+
| user | host |
+---------------+----------------------------+
| bill | % | <=== created by first
| root | 127.0.0.1 |
| root | ::1 |
| root | localhost |
| bill | localhost | <=== created by second
+---------------+----------------------------+
mysql -u bill -p
ERROR 1045 (28000): Access denied for user 'bill'@'localhost' (using password: YES)
CREATE USER 'bill'@'localhost' IDENTIFIED BY 'passpass';
grant all privileges on . to 'bill'@'localhost' with grant option;
[root@cy400 ~]# mysql -u root -p <br>
Enter password: admin123 <br>
Welcome to the MySQL monitor. Commands end with ; or \g. <br>
Your MySQL connection id is 2 <br>
Server version: 5.0.77 Source distribution <br>
Type 'help;' or '\h' for help. Type '\c' to clear the buffer. <br>
mysql> quit <br>
Bye
$ mysql -usomeuser -p's0mep@$$w0Rd'
$ mysql -usomeuser -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 191
Server version: 5.5.46-0ubuntu0.14.04.2 (Ubuntu)
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>
UPDATE user SET plugin='mysql_native_password' WHERE user='foo';
FLUSH PRIVILEGES;
sudo mysql -u root -p
define("HOSTNAME", "localhost");
define("HOSTUSER", "van");
define("HOSTPASS", "helsing");
define("DBNAME", "crossbow");
$connection = mysqli_connect(HOSTNAME, HOSTUSER, HOSTPASS);
define('HOSTNAME', 'localhost');
define('HOSTUSER', 'van');
define('HOSTPASS', 'helsing');
define('DBNAME', 'crossbow');
$connection = mysqli_connect(HOSTNAME, HOSTUSER, HOSTPASS);
$host = 'localhost';
$db = 'test';
$user = 'root';
$pass = '';
$charset = 'utf8mb4';
$port = '3308';//Port
$dsn = "mysql:host=$host;dbname=$db;port=$port;charset=$charset"; //Add in connection
$options = [
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
PDO::ATTR_EMULATE_PREPARES => false,
];
try {
$pdo = new PDO($dsn, $user, $pass, $options);
} catch (\PDOException $e) {
throw new \PDOException($e->getMessage(), (int)$e->getCode());
}