MySQL - is my default list of users correct?
Posted: Thu Sep 23, 2010 7:10 pm
Hi,
I hope this question isn't too dumb
My background is that I can do basic Linux stuff but I don't have much experience configuring the basic (L)AMP applications. I do understand what security measures I need to take but not necessarily the commands to carry them out.
I'm in the middle of administrating a client's server and now have to make sure MySQL is set-up and configured securely. I've created a root password and can log in locally to access MySQL, but when I did
to list the accounts in the mysql DB it returned five values:
localhost : root : PASSWORD
127.0.0.1 : root : PASSWORD
xx.xx.xx.xx.blah.blah.com : root : PASSWORD (this the address of the server from a reverse look-up)
localhost: :
127.0.0.1 : :
My questions are:
1. Do I need both the localhost and 127.0.0.1 entries for root?
2. When I update root's password, do the three entries all get updated?
3. What's the purpose of the two blank accounts? Can I delete them?
Any links to good info on securing MySQL would be appreciated as well.
Thanks in advance,
Mecha Godzilla
I hope this question isn't too dumb
My background is that I can do basic Linux stuff but I don't have much experience configuring the basic (L)AMP applications. I do understand what security measures I need to take but not necessarily the commands to carry them out.
I'm in the middle of administrating a client's server and now have to make sure MySQL is set-up and configured securely. I've created a root password and can log in locally to access MySQL, but when I did
Code: Select all
SELECT host, user, password FROM user;localhost : root : PASSWORD
127.0.0.1 : root : PASSWORD
xx.xx.xx.xx.blah.blah.com : root : PASSWORD (this the address of the server from a reverse look-up)
localhost: :
127.0.0.1 : :
My questions are:
1. Do I need both the localhost and 127.0.0.1 entries for root?
2. When I update root's password, do the three entries all get updated?
3. What's the purpose of the two blank accounts? Can I delete them?
Any links to good info on securing MySQL would be appreciated as well.
Thanks in advance,
Mecha Godzilla