MySQL 5.6 配置安全的加密密码

在shell脚本中，通常要配置数据库的明文密码，这是不安全的。在MySQL 5.6版本以后，可以配置安全的加密密码文件，之后可以使用加密后的密码文件连接数据库，而不需要输入明文密码。
为本地root用户配置安全加密密码
[root@localhost ~]# mysql_config_editor set –user=root –password
Enter password:

尝试连接数据库
[root@localhost ~]# mysql
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 179
Server version: 5.6.31-77.0-log Percona Server (GPL), Release 77.0, Revision 5c1061c

Copyright (c) 2009-2016 Percona LLC and/or its affiliates
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

mysql> select user();
+—————-+
| user()         |
+—————-+
| root@localhost |
+—————-+
1 row in set (0.00 sec)

mysql> exit
Bye

到家目录，查看加密密码文件，可以看到里面的乱码
[root@localhost ~]# cd
[root@localhost ~]# cat .mylogin.cnf
?
?#[root@localhost ~]# p_?EQ!?a\S??T SB??hH?XJ?-&?P?-/?|m5?

配置指定的远程数据库连接用户
[root@localhost ~]# mysql_config_editor set –login-path=remote –host=192.168.56.101 –user=ss7 –password
Enter password:

查看配置过的加密密码清单
[root@localhost ~]# mysql_config_editor print –all
[client]
user = root
password = *****
[remote]
user = ss7
password = *****
host = 192.168.56.101

尝试连接数据库
[root@localhost ~]# mysql –login-path=remote
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 181
Server version: 5.6.31-77.0-log Percona Server (GPL), Release 77.0, Revision 5c1061c

Copyright (c) 2009-2016 Percona LLC and/or its affiliates
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

mysql> select user();
+——————–+
| user()             |
+——————–+
| ss7@192.168.56.101 |
+——————–+
1 row in set (0.00 sec)

mysql> exit
Bye

通过–login-path选项连接root本地用户
[root@localhost ~]# mysql –login-path=client
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 182
Server version: 5.6.31-77.0-log Percona Server (GPL), Release 77.0, Revision 5c1061c

Copyright (c) 2009-2016 Percona LLC and/or its affiliates
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.

mysql> select user();
+—————-+
| user()         |
+—————-+
| root@localhost |
+—————-+
1 row in set (0.00 sec)