Menu
I cannot find answer on google on that anywhere (because of SEO and nature of english language I cannot ask correct question as I am not native) I'll try to explain as simple as I can:
use mysql;
select user,host,password from mysql.user;
I got in response:
+---------+-----------+-------------------------------------------+
| User | Host | Password |
+---------+-----------+-------------------------------------------+
| root | localhost | *5298BA3BC4092F7B664B1A71FE173FBA4F8C6BA1 |
| mysql | localhost | invalid |
Is this normal? After my server was hacked, I rebuild it from scratch, reinstalled mariadb with the same settings as before but I don't remember if this is normal.
MariaDB version is:
mysql Ver 15.1 Distrib 10.4.11-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
I have very large database (over 4GB) and cannot do a single query on it because error 2013 (i.e. "Lost connection to MySQL server during query") so I am trying to narrow the cause of malfunction. Struggling with the problem for 5 days and I am out of options so just curious if this may have something to do with it.
630
The default user for MySQL is root and by default it has no password.
In order to recover the password, you simply have to follow these steps: Stop the MySQL server process with the command sudo service mysql stop. Start the MySQL server with the command sudo mysqld_safe –skip-grant-tables –skip-networking & Connect to the MySQL server as the root user with the command mysql -u root.
It's not very clear in their documentation, but it appears to be the normal initial string for a user's password:
https://mariadb.com/kb/en/authentication-from-mariadb-104/
... an invalid password is initially set, so in order to authenticate this way, a password must be set with SET PASSWORD.
Later in the same page:
... the old authentication method — conventional MariaDB password — is still available. By default it is disabled (“invalid” is not a valid password hash), but one can set the password with a usual SET PASSWORD statement.
The string "invalid" is used instead of a legitimate hash string, because there's no way any password you type could be hashed and result in the string "invalid." That string isn't even the right length to be the result of a hash. Also, it contains characters that are not valid hexadecimal digits.
Practically any other word or phrase could be stored in place of the word "invalid," this is just what the developer chose to use.
Note this trick of storing a non-hash string in the field intended for a password hash doesn't work in MySQL 5.7. I've seen this trick used before in MySQL 5.6, but when we upgraded to MySQL 5.7, it wouldn't accept a string in that place unless it was a valid hash string.
194
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
