Jump to content
Please Use CODE Tags

mySQL server installation disallow root login remotely, should I do it?

mrchow19910319
By mrchow19910319
in Programming
 Share
Go to solution Solved by Limecat86,
12 hours ago, mrchow19910319 said:

I was following this guide : 


https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-16-04

 

 And during the set up process I need to choose: do I allow remote log in using root,
should I choose no?

If I do choose no, how do I log in to SQL server remotely?> 

Using SSL?

Choose no. You can always log in remotely through an SSH tunnel. When I setup a LAMP stack I usually configure MySQL to only accept connections from localhost. (given that all services run on the same machine).

Posted

I was following this guide : 


https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-16-04

 

 And during the set up process I need to choose: do I allow remote log in using root,
should I choose no?

If I do choose no, how do I log in to SQL server remotely?> 

Using SSL?

If it is not broken, let's fix till it is. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

In most cases, you do not need to log in from remote with root account. Root account should only be used for initial setup and and rare cases where standard account will not be enough. Most changes within a single database can be easily done with a newly created database account that has limited permissions.

 

You can still log in with root account from the machine itself.

You can still log in with another account remotely.

 

SSL/TLS is a whole different story and should be used as much as possible, unless you are in very secure environment and you don't mind/care about traffic sniffing there.

HAL9000: AMD Ryzen 9 3900x | Noctua NH-D15 chromax.black | 32 GB Corsair Vengeance LPX DDR4 3200 MHz | Asus X570 Prime Pro | ASUS TUF 3080 Ti | 1 TB Samsung 970 Evo Plus + 1 TB Crucial MX500 + 6 TB WD RED | Corsair HX1000 | be quiet Pure Base 500DX | LG 34UM95 34" 3440x1440

Hydrogen server: Intel i3-10100 | Cryorig M9i | 64 GB Crucial Ballistix 3200MHz DDR4 | Gigabyte B560M-DS3H | 33 TB of storage | Fractal Design Define R5 | unRAID 6.9.2

Carbon server: Fujitsu PRIMERGY RX100 S7p | Xeon E3-1230 v2 | 16 GB DDR3 ECC | 60 GB Corsair SSD & 250 GB Samsung 850 Pro | Intel i340-T4 | ESXi 6.5.1

Big Mac cluster: 2x Raspberry Pi 2 Model B | 1x Raspberry Pi 3 Model B | 2x Raspberry Pi 3 Model B+

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
51 minutes ago, jj9987 said:

In most cases, you do not need to log in from remote with root account. Root account should only be used for initial setup and and rare cases where standard account will not be enough. Most changes within a single database can be easily done with a newly created database account that has limited permissions.

 

You can still log in with root account from the machine itself.

You can still log in with another account remotely.

 

SSL/TLS is a whole different story and should be used as much as possible, unless you are in very secure environment and you don't mind/care about traffic sniffing there.

I see. Thanks for the clarification! 

If it is not broken, let's fix till it is. 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Solution
12 hours ago, mrchow19910319 said:

I was following this guide : 


https://www.digitalocean.com/community/tutorials/how-to-install-linux-apache-mysql-php-lamp-stack-on-ubuntu-16-04

 

 And during the set up process I need to choose: do I allow remote log in using root,
should I choose no?

If I do choose no, how do I log in to SQL server remotely?> 

Using SSL?

Choose no. You can always log in remotely through an SSH tunnel. When I setup a LAMP stack I usually configure MySQL to only accept connections from localhost. (given that all services run on the same machine).

CPU: i7-12700KF Grill Plate Edition // MOBO: Asus Z690-PLUS WIFI D4 // RAM: 16GB G.Skill Trident Z 3200MHz CL14 

GPU: MSI GTX 1080 FE // PSU: Corsair RM750i // CASE: Thermaltake Core X71 // BOOT: Samsung Evo 960 500GB

STORAGE: WD PC SN530 512GB + Samsung Evo 860 500GB // COOLING: Full custom loop // DISPLAY: LG 34UC89G-B

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
37 minutes ago, Limecat86 said:

Choose no. You can always log in remotely through an SSH tunnel. When I setup a LAMP stack I usually configure MySQL to only accept connections from localhost. (given that all services run on the same machine).

I see thanks! 

If it is not broken, let's fix till it is. 

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programming

×