MySQL设置白名单:
1、查询哪些机器有登陆的权限
use mysql;
select Host,User from user;
+-----------+---------------+
| Host | User |
+-----------+---------------+
| % | root |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | root |
+-----------+---------------+
rows in set (0.00 sec)
2、允许指定IP和某一段内可以登陆
GRANT ALL ON . to root@'192.168.192.134' IDENTIFIED BY '密码';
MySQL通配符不是用* 而是用 %
允许一个网段登录,1个通配符或多个通配符,都需要增加WITH GRANT OPTION参数(如果不增加此参则无法实现,文档最后有官方解释)
GRANT ALL PRIVILEGES ON . TO root@'192.168.192.%' IDENTIFIED BY 'root' WITH GRANT OPTION;
或
GRANT ALL PRIVILEGES ON . TO root@'192.168.%.%' IDENTIFIED BY 'root' WITH GRANT OPTION;
3、删除白名单用户权限:(确定上一步指定的IP可以登陆后去除所有节点登陆权限)
如果Host出现%则表示任意节点都可以登陆,可将%的项去除,实现仅白名单登录目的
DELETE FROM user WHERE User='root' and Host='%';
4、修改权限之后刷新生效
FLUSH PRIVILEGES;
5、验证
mysql> select host,user from user;
+-----------------+---------------+
| host | user |
+-----------------+---------------+
| 192.168.192.% | root |
| 192.168.192.134 | root |
| localhost | mysql.session |
| localhost | mysql.sys |
| localhost | root |
+-----------------+---------------+
rows in set (0.00 sec)
原文链接:https://blog.csdn.net/weixin_44711737/article/details/116976278