1. Change root user
Bash
su -
## OR ##
sudo -i
2. Install MySQL YUM repository
Fedora
Bash
## Fedora 25 ##
dnf install https://dev.mysql.com/get/mysql57-community-release-fc25-9.noarch.rpm
## Fedora 24 ##
dnf install https://dev.mysql.com/get/mysql57-community-release-fc24-9.noarch.rpm
## Fedora 23 ##
dnf install https://dev.mysql.com/get/mysql57-community-release-fc23-9.noarch.rpm
CentOS and Red Hat (RHEL)
Bash
## CentOS 7 and Red Hat (RHEL) 7 ##
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm
## CentOS 6 and Red Hat (RHEL) 6 ##
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el6-9.noarch.rpm
## CentOS 5 and Red Hat (RHEL) 5 ##
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el5-7.noarch.rpm
3. Update or Install MySQL 5.7.17
Fedora 25/24/23
Bash
dnf install mysql-community-server
CentOS 7.3/6.8/5.11 and Red Hat (RHEL) 7.3/6.8/5.11
Bash
yum install mysql-community-server
4. Start MySQL server and autostart MySQL on boot
Fedora 25/24/23 and CentOS 7.3 and Red Hat (RHEL) 7.3
Bash
systemctl start mysqld.service ## use restart after update
systemctl enable mysqld.service
CentOS 6.8/5.11 and Red Hat (RHEL) 6.8/5.11
Bash
/etc/init.d/mysql start ## use restart after update
## OR ##
service mysql start ## use restart after update
chkconfig --levels 235 mysqld on
5. Get Your Generated Random root Password
Bash
grep ‘A temporary password is generated for root@localhost‘ /var/log/mysqld.log |tail -1
Example Output:
Bash
2015-11-20T21:11:44.229891Z 1 [Note] A temporary password is generated for root@localhost: -et)QoL4MLid
And root password is: -et)QoL4MLid
6. MySQL Secure Installation
- Change root password
- Remove anonymous users
- Disallow root login remotely
- Remove test database and access to it
- Reload privilege tables
Start MySQL Secure Installation with following command
Bash
/usr/bin/mysql_secure_installation
Output:
Bash
Securing the MySQL server deployment.
Enter password for user root:
The ‘validate_password‘ plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.
Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : Y
New password:
Re-enter new password:
Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.
Normally, root should only be allowed to connect from
‘localhost‘. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.
By default, MySQL comes with a database named ‘test‘ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
- Dropping test database...
Success.
- Removing privileges on test database...
Success.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.
All done!
Note: If you don’t want some reason, do a “MySQL Secure Installation” then at least it’s very important to change the root user’s password
Bash
mysqladmin -u root password [your_password_here]
## Example ##
mysqladmin -u root password myownsecrectpass
7. Connect to MySQL database (localhost) with password
Bash
mysql -u root -p
## OR ##
mysql -h localhost -u root -p
8. Create Database, Create MySQL User and Enable Remote Connections to MySQL Database
This example uses following parameters:
- DB_NAME = webdb
- USER_NAME = webdb_user
- REMOTE_IP = 10.0.15.25
- PASSWORD = password123
- PERMISSIONS = ALL
SQL
## CREATE DATABASE ##
mysql> CREATE DATABASE webdb;
## CREATE USER ##
mysql> CREATE USER ‘webdb_user‘@‘10.0.15.25‘ IDENTIFIED BY ‘password123‘;
## GRANT PERMISSIONS ##
mysql> GRANT ALL ON webdb.* TO ‘webdb_user‘@‘10.0.15.25‘;
## FLUSH PRIVILEGES, Tell the server to reload the grant tables ##
mysql> FLUSH PRIVILEGES;
Enable Remote Connection to MariaDB Server –> Open MySQL Port (3306) on Iptables Firewall (as root user again)
1. Fedora 25/24/23 and CentOS/Red Hat (RHEL) 7.3
1.1 Add New Rule to Firewalld
Bash
firewall-cmd --permanent --zone=public --add-service=mysql
## OR ##
firewall-cmd --permanent --zone=public --add --port=3306/tcp
1.2 Restart firewalld.service
Bash
systemctl restart firewalld.service
2. CentOS/Red Hat (RHEL) 6.8/5.11
2.1 Edit /etc/sysconfig/iptables file:
Bash
nano -w /etc/sysconfig/iptables2.2 Add following INPUT rule:
Bash
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT2.3 Restart Iptables Firewall:
Bash
service iptables restart
## OR ##
/etc/init.d/iptables restart
3. Test remote connection
Bash
mysql -h 10.0.15.25 -u myusername -p
