魔法使いの卵

WEBエンジニアの卵の成長記録

さくらVPSに入れたMySQL5.7の初期設定を行った

さくらVPS CentOS7.1 MySQL5.7 MySQL

MySQL5.7 のrootユーザーの初期パスワードを取得

  • 以下コマンド
sudo cat /var/log/mysqld.log | grep root
  • 結果は以下
[Note] A temporary password is generated for root@localhost:初期パスワード

MySQL5.7の初期設定

  • 設定コマンド
mysql_secure_installation
  • 以下対話しながら設定
Securing the MySQL server deployment.

Enter password for user root:初期パスワード

The existing password for the user account root has expired. Please set a new password.

New password:8文字以上、英大文字小文字数字記号の4種類を含む

Re-enter new password:8文字以上、英大文字小文字数字記号の4種類を含む
The 'validate_password' plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.

Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) : y

New password:8文字以上、英大文字小文字数字記号の4種類を含む

Re-enter new password:8文字以上、英大文字小文字数字記号の4種類を含む

Estimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y
Success.


Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y
Success.

By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y
Success.

All done!

MySQL5.7の設定ファイルによる設定の変更

  • 設定ファイルを開く
sudo vim /etc/my.cnf
  • 以下を[mysqld]配下の最後に追記
# MySQL サーバーのデータベースで利用する文字コードに UTF-8 を指定
character-set-server = utf8
# パスワード変更の有効期限を無効化
default_password_lifetime = 0

おもったこと

  • ここしばらくセキュリティ周りを意識しはじめた
  • パスワードなどは1Passwordで生成するようにしてる

参考元

MySQL 5.7 をインストールしたら最初に行うセットアップ | WEB ARCH LABO