MySQL設(shè)置白名單:
1卧斟、查詢哪些機(jī)器有登陸的權(quán)限
use mysql;
select Host,User from user;
+-----------+---------------+
| Host | User |
+-----------+---------------+
| % | root |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | root |
+-----------+---------------+
rows in set (0.00 sec)
2辽故、允許指定IP和某一段內(nèi)可以登陸
GRANT ALL ON . to root@'192.168.192.134' IDENTIFIED BY '密碼';
MySQL通配符不是用* 而是用 %
允許一個(gè)網(wǎng)段登錄,1個(gè)通配符或多個(gè)通配符过牙,都需要增加WITH GRANT OPTION參數(shù)(如果不增加此參則無法實(shí)現(xiàn),文檔最后有官方解釋)
GRANT ALL PRIVILEGES ON . TO root@'192.168.192.%' IDENTIFIED BY 'root' WITH GRANT OPTION;
或
GRANT ALL PRIVILEGES ON . TO root@'192.168.%.%' IDENTIFIED BY 'root' WITH GRANT OPTION;
3埋市、刪除白名單用戶權(quán)限:(確定上一步指定的IP可以登陸后去除所有節(jié)點(diǎn)登陸權(quán)限)
如果Host出現(xiàn)%則表示任意節(jié)點(diǎn)都可以登陸谴返,可將%的項(xiàng)去除煞肾,實(shí)現(xiàn)僅白名單登錄目的
DELETE FROM user WHERE User='root' and Host='%';
4、修改權(quán)限之后刷新生效
FLUSH PRIVILEGES;
5嗓袱、驗(yàn)證
mysql> select host,user from user;
+-----------------+---------------+
| host | user |
+-----------------+---------------+
| 192.168.192.% | root |
| 192.168.192.134 | root |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | root |
+-----------------+---------------+
rows in set (0.00 sec)
原文鏈接:https://blog.csdn.net/weixin_44711737/article/details/116976278
