MySQL security - root accounts without password!

[Jonas Colmsjo]

Hi,

I have a message in syslog that says that the MySQL server contains three root accounts without password:

"/etc/mysql/debian-start, 1417, WARNING: mysql.user contains 3 root accounts without password!"

I checked phpmyadmin and see that there are three root accounts, see screenshot. I'm guessing that I'll brake something if I simple login and set the password for the root user?

I'd like to have a decent security setup, in particular on the database server. Is there anything I can do to strengthened the security around the MySQL root accounts?

/Thanks

Jonas

[Sebastian Stadil]

Paul, can you look into this for our docs?

Jonas

--
You received this message because you are subscribed to the Google Groups "scalr-discuss" group.
To view this discussion on the web visit https://groups.google.com/d/msg/scalr-discuss/-/mxnsuPR0GhUJ.
To post to this group, send email to scalr-...@googlegroups.com.
To unsubscribe from this group, send email to scalr-discus...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/scalr-discuss?hl=en.

--

Follow us: Twitter - Facebook - Blog

[Srinivasan S]

The best way to secure: set a root password. Also enable access to the db server from only the instance IP addresses. Scalr also has a script for that which you can use.

Srini

Sent on my BlackBerry® from Vodafone

---

From: Jonas Colmsjo <jonas....@gizur.com>

Sender: scalr-...@googlegroups.com

Date: Thu, 17 May 2012 23:40:04 -0700 (PDT)

To: <scalr-...@googlegroups.com>

ReplyTo: scalr-...@googlegroups.com

Subject: MySQL security - root accounts without password!

[Nick Toursky]

Hi Jonas,

All these accounts restricted to localhost.

Of course you can set password for them, Scalr is not using them.

Regards,

Nick

Jonas