The best way to specify server connection information is with your .mylogin.cnf
file. Not only is this file encrypted, but any logging of the utility execution will not expose the connection information. Thus, no user names, passwords, ports, etc. are visible in the log. This is the preferred method for using MySQL Utilities to connect to servers.
Note: MySQL Utilities version 1.2.1 and later support login-paths.
Utilities support the use of login-paths in the connection string provided they use the following format login-path-name[:port][:socket]
where the port and socket parameters are optional. If used, these optional parameters override the respective options from the specified login-path.
When using login-paths, there are no default values except on Posix systems when specifying a socket. In this case, the host option defaults to localhost. This means that combining the values specified in the login-path with the two optional values port and socket, one needs to specify at least a user, a hostname and a port or socket.
Use the mysql_config_editor tool (http://dev.mysql.com/doc/en/mysql-config-editor.html) to add the connection information as follows.
shell> mysql_config_editor set --login-path=instance_13001 --host=localhost --user=root --port=13001 --password
Enter password: <Password is prompted to be inserted in a more secure way>
Next, use the following command to confirm that the login-path data was correctly added to .mylogin.cnf
(the encrypted file):
shell> mysql_config_editor print --login-path=instance_13001
[instance_13001]
user = root
password = *****
host = localhost
port = 13001
Once your .mylogin.cnf
file is configured, you need only specify the section of the .mylogin.cnf
file for the server connection. For example, the section created in the previous example is 'instance_13001'. Thus, we use --server=instance_13001. The following shows the execution of a utility specifying the login-path section.
shell> mysqlserverinfo --server=instance_13001 --format=vertical
# Source on localhost: ... connected.
************************* 1. row *************************
server: localhost:13001
config_file: /etc/my.cnf, /etc/mysql/my.cnf
binary_log: clone-bin.000001
binary_log_pos: 341
relay_log:
relay_log_pos:
version: 5.6.17-log
datadir: /Volumes/Source/source/temp_13001/
basedir: /Volumes/Source/source/bzr/mysql-5.6
plugin_dir: /Volumes/Source/source/bzr/mysql-5.6/lib/plugin/
general_log: OFF
general_log_file:
general_log_file_size:
log_error:
log_error_file_size:
slow_query_log: OFF
slow_query_log_file:
slow_query_log_file_size:
1 row.
#...done.
See the online MySQL Reference Manual for more information about login-paths, the .mylogin.cnf
file, and themysql_config_editor client.
MySQL 5.6 에 보안을 위한Tool (mysql_config_editor)이 추가되어 테스트 해보았습니다.
mysql 접속시 암호를 넣지않고 접속할 수 있네요.
--=========================================================================== --mysql_config_editor — MySQL Configuration Utility --=========================================================================== -- http://dev.mysql.com/doc/refman/5.6/en/mysql-config-editor.html -- http://anothermysqldba.blogspot.kr/2013/05/mysql-users-grants-mysqlconfigeditor.html -- http://mysqlblog.fivefarmers.com/2012/08/16/understanding-mysql_config_editors-security-aspects/ --=========================================================================== mysql_config_editor set --login-path=local_test --host=localhost--user=root --password --socket=/tmp/mysql.sock --port=15615 mysql_config_editor print --all [local_test] user = root password = ***** host = localhost socket = /tmp/mysql.sock port = 3306 ls -l ~/.mylogin.cnf -rw-------. 1 root root 192 Dec 26 17:15 /root/.mylogin.cnf cat ~/.mylogin.cnf ;z?rr떡_喘픕톄 }}??F??C_쟛-曰 ?`택? --> Binary file 로 되어있어서읽지못함 mysql --login-path=local_test Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 11 Server version: 5.6.15-log MySQL Community Server (GPL) Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. [localhost] ((none)) 17:16> mysql --login-path=local_test TEST Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 11 Server version: 5.6.15-log MySQL Community Server (GPL) Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. [localhost] (TEST) 17:17>
mysql_config_editor remove --login-path=local_test mysql_config_editor print --all |
'연구개발 > MYSQL' 카테고리의 다른 글
Buffer Cache 초기화 후, Data Caching 을 위한 Script (0) | 2014.12.10 |
---|---|
Warm-up InnoDB Buffer Pool (0) | 2014.12.10 |
Mysql: Daily Checklist (0) | 2014.12.09 |
스키마 검수 (0) | 2014.12.09 |
jmeter 스트레스 툴 (0) | 2014.12.09 |