1. Change root user

Bash

su -
## OR ##
sudo -i

2. Install mysql YUM repository

Fedora

Bash

## Fedora 25 ##
dnf install https://dev.mysql.com/get/mysql57-community-release-fc25-9.noarch.rpm

## Fedora 24 ##
dnf install https://dev.mysql.com/get/mysql57-community-release-fc24-9.noarch.rpm

## Fedora 23 ##
dnf install https://dev.mysql.com/get/mysql57-community-release-fc23-9.noarch.rpm

CentOS and Red Hat (RHEL)

Bash

## CentOS 7 and Red Hat (RHEL) 7 ##
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el7-9.noarch.rpm

## CentOS 6 and Red Hat (RHEL) 6 ##
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el6-9.noarch.rpm

## CentOS 5 and Red Hat (RHEL) 5 ## 
yum localinstall https://dev.mysql.com/get/mysql57-community-release-el5-7.noarch.rpm

3. Update or Install MySQL 5.7.17

Fedora 25/24/23

Bash

dnf install mysql-community-server

CentOS 7.3/6.8/5.11 and Red Hat (RHEL) 7.3/6.8/5.11

Bash

yum install mysql-community-server

4. Start MySQL server and autostart MySQL on boot

Fedora 25/24/23 and CentOS 7.3 and Red Hat (RHEL) 7.3

Bash

systemctl start mysqld.service ## use restart after update

systemctl enable mysqld.service

CentOS 6.8/5.11 and Red Hat (RHEL) 6.8/5.11

Bash

/etc/init.d/mysql start ## use restart after update
## OR ##
service mysql start ## use restart after update

chkconfig --levels 235 mysqld on

5. Get Your Generated Random root Password

Bash

grep ‘A temporary password is generated for [email protected]‘ /var/log/mysqld.log |tail -1

Example Output:

Bash

2015-11-20T21:11:44.229891Z 1 [Note] A temporary password is generated for [email protected]: -et)QoL4MLid

And root password is: -et)QoL4MLid

6. MySQL Secure Installation

  • Change root password
  • Remove anonymous users
  • Disallow root login remotely
  • Remove test database and access to it
  • Reload privilege tables

Start MySQL Secure Installation with following command

Bash

/usr/bin/mysql_secure_installation

Output:

Bash


Securing the MySQL server deployment.

Enter password for user root: 
The ‘validate_password‘ plugin is installed on the server.
The subsequent steps will run with the existing configuration
of the plugin.
Using existing password for root.

Estimated strength of the password: 100 
Change the password for root ? ((Press y|Y for Yes, any other key for No) : Y

New password: 

Re-enter new password: 

Estimated strength of the password: 100 
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.

Remove anonymous users? (Press y|Y for Yes, any other key for No) : Y
Success.


Normally, root should only be allowed to connect from
‘localhost‘. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : Y
Success.

By default, MySQL comes with a database named ‘test‘ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.


Remove test database and access to it? (Press y|Y for Yes, any other key for No) : Y
 - Dropping test database...
Success.

 - Removing privileges on test database...
Success.

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Y
Success.

All done! 

Note: If you don’t want some reason, do a “MySQL Secure Installation” then at least it’s very important to change the root user’s password

Bash

mysqladmin -u root password [your_password_here]

## Example ##
mysqladmin -u root password myownsecrectpass

7. Connect to MySQL database (localhost) with password

Bash

mysql -u root -p

## OR ##
mysql -h localhost -u root -p

8. Create Database, Create MySQL User and Enable Remote Connections to MySQL Database

This example uses following parameters:

  • DB_NAME = webdb
  • USER_NAME = webdb_user
  • REMOTE_IP = 10.0.15.25
  • PASSWORD = password123
  • PERMISSIONS = ALL
SQL

## CREATE DATABASE ##
mysql> CREATE DATABASE webdb;

## CREATE USER ##
mysql> CREATE USER ‘webdb_user‘@‘10.0.15.25‘ IDENTIFIED BY ‘password123‘;

## GRANT PERMISSIONS ##
mysql> GRANT ALL ON webdb.* TO ‘webdb_user‘@‘10.0.15.25‘;

##  FLUSH PRIVILEGES, Tell the server to reload the grant tables  ##
mysql> FLUSH PRIVILEGES;

Enable Remote Connection to MariaDB Server –> Open MySQL Port (3306) on Iptables Firewall (as root user again)

1. Fedora 25/24/23 and CentOS/Red Hat (RHEL) 7.3

1.1 Add New Rule to Firewalld

Bash

firewall-cmd --permanent --zone=public --add-service=mysql

## OR ##

firewall-cmd --permanent --zone=public --add --port=3306/tcp

1.2 Restart firewalld.service

Bash

systemctl restart firewalld.service

2. CentOS/Red Hat (RHEL) 6.8/5.11

2.1 Edit /etc/sysconfig/iptables file:

Bash
nano -w /etc/sysconfig/iptables

2.2 Add following INPUT rule:

Bash
-A INPUT -m state --state NEW -m tcp -p tcp --dport 3306 -j ACCEPT

2.3 Restart Iptables Firewall:

Bash

service iptables restart
## OR ##
/etc/init.d/iptables restart

3. Test remote connection

Bash

mysql -h 10.0.15.25 -u myusername -p