- Access denied for user ‘root’@’localhost’ (using password: YES) after new installation on Ubuntu
- Как разрешить пользователю root заходить по SSH в системах Linux Ubuntu
- С использованием сертификата
- По паролю
- PuTTY password access denied [closed]
- 2 Answers 2
- ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
- 4 Answers 4
Access denied for user ‘root’@’localhost’ (using password: YES) after new installation on Ubuntu
TL;DR: To access newer versions of mysql/mariadb as the root user, after a new install, you need to be in a root shell (ie sudo mysql -u root , or mysql -u root inside a shell started by su — or sudo -i first)
Having just done the same upgrade, on Ubuntu, I had the same issue.
sudo /usr/bin/mysql_secure_installation
Would accept my password, and allow me to set it, but I couldn’t log in as root via the mysql client
I had to start mariadb with
sudo mysqld_safe --skip-grant-tables
to get access as root, whilst all the other users could still access fine.
Looking at the mysql.user table I noticed for root the plugin column is set to unix_socket whereas all other users it is set to ‘mysql_native_password’. A quick look at this page: https://mariadb.com/kb/en/mariadb/unix_socket-authentication-plugin/ explains that the Unix Socket enables logging in by matching uid of the process running the client with that of the user in the mysql.user table. In other words to access mariadb as root you have to be logged in as root.
Sure enough restarting my mariadb daemon with authentication required I can login as root with
Having done this I thought about how to access without having to do the sudo, which is just a matter of running these mysql queries
GRANT ALL PRIVILEGES on *.* to 'root'@'localhost' IDENTIFIED BY ''; FLUSH PRIVILEGES;
(replacing with your desired mysql root password). This enabled password logins for the root user.
Alternatively running the mysql query:
UPDATE mysql.user SET plugin = 'mysql_native_password' WHERE user = 'root' AND plugin = 'unix_socket'; FLUSH PRIVILEGES;
Will change the root account to use password login without changing the password, but this may leave you with a mysql/mariadb install with no root password on it.
After either of these you need to restarting mysql/mariadb:
sudo service mysql restart
And voila I had access from my personal account via mysql -u root -p
PLEASE NOTE THAT DOING THIS IS REDUCING SECURITY Presumably the MariaDB developers have opted to have root access work like this for a good reason.
Thinking about it I’m quite happy to have to sudo mysql -u root -p so I’m switching back to that, but I thought I’d post my solution as I couldn’t find one elsewhere.
Как разрешить пользователю root заходить по SSH в системах Linux Ubuntu
Обновлено: 04.03.2023 Опубликовано: 07.01.2017
По умолчанию, в некоторых системах Linux (например, Ubuntu) для суперпользователя root вход по SSH с использованием пароля не работает. При попытке подключиться можно увидеть сообщение «access denied» или «permission denied». Такая настройка необходима для обеспечения большей безопасности системе. Однако, если требуется предоставить возможность подключаться по SSH от пользователя root, необходимо выполнить нижеописанное.
* Инструкция подойдет для большинства UNIX-систем.
С использованием сертификата
Система настроена таким образом, чтобы можно было подключиться под пользователем root с использованием сертификата. Рассмотрим, как это сделать.
На любом компьютере с Linux сгенерируем пару ключей командой:
. будет создано 2 файла id_ed25519.pub и id_ed25519. Содержимое файла id_ed25519.pub фиксируем.
Идем на наш целевой компьютер Ubuntu. Создаем каталог:
Вставляем в него содержимое файла id_ed25519.pub.
Теперь с компьютера, где были созданы сертификаты можно зайти на компьютер с Ubuntu:
Теперь с использованием ключа из файла id_ed25519 можно подключиться к нашему компьютеру Ubuntu без пароля.
По паролю
Для начала, необходимо создать пароль пользователю root следующей командой:
После нажатия Enter вводим дважды пароль.
Теперь открываем настройки SSH:
и редактируем параметр PermitRootLogin — задаем значение yes:
* если параметр закомментирован, снимаем комментарий.
** по умолчанию, значение может быть without-password или prohibit-password — оно разрешает вход для root средствами GSSAPI (не парольной аутентификации), например, смарт-карты или отпечатка пальца.
systemctl restart ssh || systemctl restart sshd
или в старых версиях без systemd:
service ssh restart || service sshd restart
PuTTY password access denied [closed]
I try to log in with PuTTY as root, but when I type in the password it says access denied. Can someone please help me fix this?
What have you tried? Did you verify you’re connecting to the correct host? Is e password correct, or did you e.g. Change keyboard layouts? Can you log in using other users? Is SSH root login enabled or disabled?
As an addition to @DanielBeck’s questions: Is root login enabled on the server? What’s the /etc/ssh/sshd_config look like?
I agree something like «I can log in just fine to that host with the user/pass that I know, using the hypervisor» but closing this question is too far.
2 Answers 2
There are only four potential problem I can think of (most of which have been covered already):
- If you’re using an IP address, check it.
- If you’re using a host name, verify that it’s pointing to the right IP address and/or try the IP address instead.
- The fact that you have root access doesn’t mean you can actually log in as root. It only means that you have an account with root privileges (normally via sudo).
- If you’re not entering the username manually, make sure Connection → Data → Auto-login username is actually set to root.
- Check the password you’re entering.
- Verify that CapsLock is disabled.
- Verify that PuTTY uses the proper keyboard layout.
- Instead of Ctrl+V, try copying the password, then click inside the console and right click.
- If you use AltGr , make sure Terminal → Keyboard → AltGr acts as Comopse key isn’t checked.
- If none of the above works, clear the field Connection → Data → Auto-login username (assuming it is set) and enter the password in the username field to verify it gets entered correctly.
Some SSH servers can disable SSH logins for certain users and may even disable root logins by default. If you’re using Open SSH server, you have to edit /etc/ssh/sshd_config and make sure that it doesn’t contain one of the following lines:
PermitRootLogin no PermitRootLogin without-password
Both result in a simple Access denied. error, although they permit you to enter the password. The latter only allows root logins when authenticating using public keys.
To permit root logins, remove the corresponding line or replace it with the following:
See man sshd_config for further information.
ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
2.When I enter the mysql -u root -p command and am prompted for the password.
Please I really need help on this — I have lost count of the number of times I have had to uninstall and reinstall either MySQL or MariaDb because this pain in neck erf an error.
Hi Jobin, I have tried the first command:mysqladmin -u root -pcurrentpassword password ‘newpassword’ but the system just hangs.Is there a limit to the number of characters we can use as a password coz mine is over 100 characters long.I didnt have any issues when setting the password so I dont see why that should be an issue now.Thanks.
I think I may have figured out the issue — It has to do with the long password.I think that this should reported as a bug to MySQl and MariaDB developers because on installation you can create a password with over 100 characters but when you try to login to MySQl or MariaDB when it is in production you get the above error.So glad I figured this out after so much pain — surprising really that this has not been identified as a bug considering how many years MySQL has been in production.
This is really strange coz I havnt found any definite documentation or answers on the maximum MySQL password length — not hash mind you.This is crazy coz the longer the password the harder it will be to crack.
Have you actually enabled the root account? You’re not giving your regular user’s password are you? Also, I assume you know that root’s password and root’s mysql password are not the same right?
Hello @terdon and to answer your questions, the root account is enabled and I am not giving anyone any passwords for now.I also do know the difference between the Linux Server root password and MySQLs root password.I have answered the question I asked — please look at my below after a painful and lengthy process.I do hope that this helps anyone out there who faces a similiar issue.Cheers.
4 Answers 4
Check the file: /etc/mysql/mariadb.conf.d/mysqld.cnf
verify if this line exists:
plugin-load-add = auth_socket.so
and make these modifications:
MariaDB [(none)]>use mysql; MariaDB [(none)]>update user set plugin=' ' where User='root'; MariaDB [(none)]>flush privileges; MariaDB [(none)]>exit
I didn’t have access to mysqlworkbench , but after I applied this solution, everything ruan well.
MAN ! Fabby and David please take a moment to come back here and shed some light on whath the «plugin» thing is here for MariaDb, this solution worked for me. My issue started on an abnormal system shutdown and mariadb stopped allowing access for root.
Thanks David! I was able to set a root password for MariaDB by running sudo /usr/bin/mysql_secure_installation but unable to get in anywhere else (CLI or MySQL Workbench) until I followed these steps. What role does this plugin-load-add = auth_socket.so play in resolving this issue?
I think I may have figured out the issue — It has to do with the long password.I think that this should reported as a bug to MySQl and MariaDB developers because on installation you can create a password with over 100 characters but when you try to login to MySQl or MariaDB when it is in production you get the above error.
So glad I figured this out after so much pain — surprising really that this has not been identified as a bug considering how many years MySQL has been in production.
So basically one resolution is to go through the following steps to resolve the above issue:
- Start with a blank password on a non-production server and is if it works
- If you are successful with step 1 then proceed with securing your mysql installation by typing the follwing command: sudo /usr/bin/mysql_secure_installation and try entering a more complex password — comination of lowercase letters, numbers, symbols and uppercase letters of at least 8 characters should be fine.
- I recommend starting with 8 and move upwards till you reach a ceiling with the number of characters you can enter.
The above should be a step in the right direction to getting your MySQL server secured.