CDLab Technology · Providing professional DevOps practice and tools

How to setup MySQL server 8.0 on Debian based systems

 

MySQL is an open-source relational database management system (RDBMS) with a client-server model.

 

In Debian 10, MariaDB, a community fork of the MySQL project, is packaged as the default MySQL variant. Although MariaDB works well in most cases, if you want features that are only available in Oracle MySQL, you can install and use packages from the repository maintained by the MySQL developers.

 

To install the latest version of MySQL, we will add this repository, install the MySQL software itself, secure the installation, and finally verify that MySQL is running and responding to commands.

 

We will show you how to install MySQL-server on Debian-like operating systems such as Debian 9/10, Ubuntu 18/19/20.

 

!!! All commands are executed in privileged mode. To enter it, you need to execute the command

sudo -s

Step 1 - Add software repositories

Update the local package:

apt update

Download using the command wget the latest MySQL .deb package from the official site.

 

Find the Download button in the lower-right corner and click through to the next page. This page will prompt you to log in or sign up for an Oracle web account. We can skip that and instead look for the link that says No thanks, just start my download. Right-click the link and select Copy Link Address (this option may be worded differently, depending on your browser).


wget https://dev.mysql.com/get/mysql-apt-config_0.8.16-1_all.deb

Then let's install the downloaded file

dpkg -i mysql-apt-config*

Configure the package, MySQL server & cluster -  choose mysql-8.0

The last parameters stay by default

 

Refresh your apt package cache to make the new software packages available

apt update

Step 2 - Install MySQL-server

apt install mysql-server

During installation, you will be asked to enter the root password. We highly recommend entering a complex password:
- letters of different register
- numbers and specials symbols
- at least 8 characters long

 

Also, installation ask about authentication plugin, and we recommend Use Legacy authentication method (because the caching_sha2_password server-side plugin is not implemented in MySQL 5.7).


Now MySQL server should be installed, let's check:

systemctl status mysql

Step 3 - Recommend security setting

Then we recommend do security-related updates on our new install using the command

mysql_secure_installation

First, the installation asks about VALIDATE PASSWORD COMPONENT can be used to test passwords and improve security. It checks the strength of password and allows the users to set only those passwords which are secure enough. Would you like to setup VALIDATE PASSWORD component?

Type Y

There are three levels of password validation policy:

LOW    Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file

Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 

Type 1 Medium (It will be enough)

The next question about anonymous users:

By default, a MySQL installation has an anonymous user, allowing anyone to log into MySQL without having to have a user account created for them. This is intended only for testing, and to make the installation go a bit smoother. You should remove them before moving into a production environment. Remove anonymous users?

Type Y

The next one about remotely root login:

Normally, root should only be allowed to connect from 'localhost'. This ensures that someone cannot guess at the root password from the network. Disallow root login remotely?

Type Y (We highly recommend)

Then, remove the default test database:

By default, MySQL comes with a database named 'test' that anyone can access. This is also intended only for testing, and should be removed before moving into a production environment. Remove test database and access to it?

Type Y

The last one - reload privilege

Type Y

 

All done!

Now our MySQL installation is reasonably secured. Let’s test it again by running a client that connects to the server and returns some information.

Create date 27.11.2020