MySQL设置白名单,允许单个IP或某段节点登录 |
您所在的位置:网站首页 › mysql指定ip不能连接 › MySQL设置白名单,允许单个IP或某段节点登录 |
MySQL设置白名单: 1、查询哪些机器有登陆的权限 use mysql; select Host,User from user; +-----------+---------------+ | Host | User | +-----------+---------------+ | % | root | | localhost | mysql.session | | localhost | mysql.sys | | localhost | root | +-----------+---------------+ 4 rows in set (0.00 sec)2、允许指定IP和某一段内可以登陆 GRANT ALL ON *.* to root@'192.168.192.134' IDENTIFIED BY '密码';MySQL通配符不是用* 而是用 % 允许一个网段登录,1个通配符或多个通配符,都需要增加WITH GRANT OPTION参数(如果不增加此参则无法实现,文档最后有官方解释) GRANT ALL PRIVILEGES ON *.* TO root@'192.168.192.%' IDENTIFIED BY 'root' WITH GRANT OPTION; 或 GRANT ALL PRIVILEGES ON *.* TO root@'192.168.%.%' IDENTIFIED BY 'root' WITH GRANT OPTION;3、删除白名单用户权限:(确定上一步指定的IP可以登陆后去除所有节点登陆权限) 如果Host出现%则表示任意节点都可以登陆,可将%的项去除,实现仅白名单登录目的 DELETE FROM user WHERE User='root' and Host='%';4、修改权限之后刷新生效 FLUSH PRIVILEGES;5、验证 mysql> select host,user from user; +-----------------+---------------+ | host | user | +-----------------+---------------+ | 192.168.192.% | root | | 192.168.192.134 | root | | localhost | mysql.session | | localhost | mysql.sys | | localhost | root | +-----------------+---------------+ 5 rows in set (0.00 sec)授权节点登录正常 然后官网查了下GRANT OPTION参数: https://dev.mysql.com/doc/refman/5.7/en/privileges-provided.html GRANT OPTION参数: 继续授权 ( WITH GRANT OPTION) 本文参考: https://zhuleichina.github.io/2018/01/21/mysql%E6%95%B0%E6%8D%AE%E5%BA%93%E8%BF%9C%E7%A8%8B%E8%AE%BF%E9%97%AE%E7%99%BD%E5%90%8D%E5%8D%95%E8%AE%BE%E7%BD%AE.html |
今日新闻 |
推荐新闻 |
CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3 |