Manager, Developer Education
MySQL is an open-source database management system, commonly installed as part of the popular LAMP (Linux, Apache, MySQL, PHP/Python/Perl) stack. It implements the relational model and uses Structured Query Language (better known as SQL) to manage its data.
This quickstart tutorial will explain how to install MySQL version 8.0 on an Ubuntu 20.04 server.
To follow this tutorial, you will need:
To install MySQL, first update your server’s package index if you’ve not done so recently:
- sudo apt update
Then install the mysql-server
package:
- sudo apt install mysql-server
Ensure that MySQL is running:
- sudo systemctl start mysql.service
Run MySQL’s included security script with sudo
:
- sudo mysql_secure_installation
This will take you through a series of prompts where you can make some changes to your MySQL installation’s security options. The first prompt will ask whether you’d like to set up the Validate Password Plugin, which can be used to test the strength of your MySQL password.
If you elect to set up the Validate Password Plugin, the script will ask you to choose a password validation level, with the weakest being 0
and the strongest being 2
:
OutputSecuring the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: Y
There are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG:
2
The next prompt will be to enter and confirm a password for the MySQL root user:
OutputPlease set the password for root here.
New password:
Re-enter new password:
The script will then ask if you want to continue with the password you just entered or if you want to enter a new one. If you’re satisfied with your password, enter Y
to continue the script:
OutputEstimated strength of the password: 100
Do you wish to continue with the password provided?(Press y|Y for Yes, any other key for No) : Y
From there, you can press Y
and then ENTER
to accept the defaults for all the subsequent questions.
Upon installation, MySQL creates a privileged root user account which you can use to manage your database, though it’s best to avoid using this account outside of administrative functions. This step outlines how to use the root MySQL user to create a new user account and grant it privileges.
Connect to the database as the root MySQL user:
- sudo mysql
Note: If you installed MySQL with another tutorial and enabled password authentication for root, you will need to use the following command to access the MySQL shell:
- mysql -u root -p
Once you have access to the MySQL prompt, you can create a new user with a CREATE USER
statement. These follow this general syntax:
- CREATE USER 'username'@'host' IDENTIFIED WITH authentication_plugin BY 'password';
You have several options when it comes to choosing your user’s authentication plugin. The auth_socket
plugin mentioned previously can be convenient, as it provides strong security without requiring valid users to enter a password to access the database. But it also prevents remote connections, which can complicate things when external programs need to interact with MySQL.
As an alternative, you can leave out the WITH authentication plugin
portion of the syntax entirely to have the user authenticate with MySQL’s default plugin, caching_sha2_password
. The following ocmmand creates a user that authenticates with caching_sha2_password
. Be sure to change sammy
to your preferred username and password
to a strong password of your choosing:
- CREATE USER 'sammy'@'localhost' IDENTIFIED BY 'password';
Note: There is a known issue with some versions of PHP that causes problems with caching_sha2_password
. If you plan to use this database with a PHP application — phpMyAdmin, for example — you may want to create a user that will authenticate with the older, though still secure, mysql_native_password
plugin instead:
- CREATE USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
If you aren’t sure, you can always create a user that authenticates with caching_sha2_plugin
and then ALTER
it later on with this command:
- ALTER USER 'sammy'@'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
After creating your new user, you can grant them the appropriate privileges.
To illustrate, the following command grants a user global privileges to CREATE
, ALTER
, and DROP
databases, tables, and users, as well as the power to INSERT
, UPDATE
, and DELETE
data from any table on the server. It also grants the user the ability to query data with SELECT
. Run this GRANT
statement, replacing sammy
with your own MySQL user’s name, to grant these privileges to your user:
- GRANT CREATE, ALTER, DROP, INSERT, UPDATE, DELETE, SELECT on *.* TO 'sammy'@'localhost' WITH GRANT OPTION;
Warning: Some users may want to grant their MySQL user the ALL PRIVILEGES
privilege, which will provide them with broad superuser privileges akin to the root user’s privileges, like so:
- GRANT ALL PRIVILEGES ON *.* TO 'sammy'@'localhost' WITH GRANT OPTION;
Such broad privileges should not be granted lightly, as anyone with access to this MySQL user will have complete control over every database on the server.
Following this, it’s good practice to run the FLUSH PRIVILEGES
command:
- FLUSH PRIVILEGES;
Then you can exit the MySQL client:
- exit
In the future, to log in as your new MySQL user, you’d use a command like the following:
- mysql -u sammy -p
The -p
flag will cause the MySQL client to prompt you for your MySQL user’s password in order to authenticate.
You now have a basic MySQL setup installed on your server. Here are a few examples of next steps you can take:
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!