MySQL5.6 Using a password on the command line interface can be insecure解決方法;

1.最近把MySQL從5.5升到5.6以後,mysqldump居然不好用了,提示:

代碼如下	複制代碼
[[email protected] ~]# /usr/local/mysql/bin/mysqldump  -uroot -proot db > bak.sql Warning: Using a password on the command line interface can be insecure.

翻譯過來是:在指令行界面上使用密碼可以是不安全的;

這讓人有點郁悶,5.5用的1直都很爽,到5.6居然說指令行方式寫密碼不安全?那密碼寫哪呢?

在官網文檔找到了緣由,大家可以點選這裡看看:

1.官方網址:http://dev.mysql.com/doc/refman/5.1/en/password-security-user.html

MySQL users shoulduse the following guidelines to keep passwords secure.

   When you run a client program to connect to the MySQL server, it is inadvisableto specify your password in a way that exposes it to discovery by other users.The methods you can use to specify your password when you run client programsare listed here, along with an assessment of the risks of each method. Inshort, the safest methods are to have the client program prompt for thepassword or to specify the password in a properly protected option file.

翻譯過來大意是在指令行下如果要使用密碼可以在執行指令後的提示輸入裡輸入密碼,或者在指定的安全檔案内指定密碼;那安全檔案時哪個呢?文檔對此給出了答案:

Store your passwordin an option file. For example, on Unix, you can list your password in the[client] section of the .my.cnf file in your home directory:

可以在my.cnf内指定,于是打開我的my.cnf,在[mysqldump]下增加:

代碼如下	複制代碼
user=root password=root

文中說的在[client]下面加也可以,但那樣就所有塊的操作都能共享了,是以生産環境上為了安全還是盡量分開;儲存退出再dump就ok了;

代碼如下	複制代碼
[[email protected] ~]# /usr/local/mysql/bin/mysqldump db > bak.sql [[email protected] ~]#

MySQL 5.6 警告資訊 command line interface can be insecure 修複

在指令行輸入密碼,就會提示這些安全警告資訊;

Warning: Using apassword on the command line interface can be insecure.

注:mysql -u root -pPASSWORD 或 mysqldump -u root -pPASSWORD 都會輸出這樣的警告資訊.

1.針對mysql:

mysql -u root -pPASSWORD改成mysql -u root -p 在輸入密碼即可.

2.mysqldump就比較麻煩了,通常都寫在scripts腳本中;

解決方法:

對于mysqldump 要如何避免出現(Warning:Using a password on the command line interface can be insecure.) 警告資訊呢?

vim /etc/mysql/my.cnf

[mysqldump]

user=your_backup_user_name

password=your_backup_password

修改完配置檔案後, 隻需要執行mysqldump 腳本就可以了;備份腳本中不需要涉及使用者名密碼相關資訊;