首先让我提一下,我已经看了很多建议的问题,但没有找到相关的答案。这就是我正在做的。

我连接到Amazon EC2实例。我可以用这个命令登录MySQL根目录:

mysql -u root -p

然后我用host %创建了一个新的用户帐单

CREATE USER 'bill'@'%' IDENTIFIED BY 'passpass';

授予用户bill的所有权限:

grant all privileges on *.* to 'bill'@'%' with grant option;

然后我退出root用户,尝试用bill登录:

mysql -u bill -p

输入正确的密码并得到以下错误:

错误1045(28000):用户“账单”@“localhost”(使用密码:YES)的访问被拒绝


当前回答

如果MySQL运行在不区分大小写的操作系统(如Windows)上,也可能发生这种情况。

例:我发现尝试使用这些凭据连接到数据库失败:

mysql>授予数据库ev105的select权限。*到'specialuser',标识为's3curepa5wrd';

$ mysql -specialuser' -p's3curepa5wrd' -h10.61.130.89 databaseV105

错误1045(28000):拒绝访问用户'specialuser'@'10.0.1.113'(使用密码:YES)

但是,这成功了:

Mysql >授予select权限*到'specialuser',标识为's3curepa5wrd';

mysql ' - h10300,300,400 database105 -p

输入密码:

其他回答

好吧,我不确定,但可能是mysql安装目录中的my.cnf文件是罪魁祸首。 注释掉这一行,问题就可以解决了。

bind-address = 127.0.0.1

I discovered yet another case that appears on the surface to be an edge case; I can export to the file system, via SELECT INTO .. OUTFILE as root, but not as regular user. While this may be a matter of permissions, I've looked at that, and see nothing especially obvious. All I can say is that executing the query as a regular user who has all permissions on the data base in question returns the access denied error that led me to this topic. When I found the transcript of a successful use of SELECT INTO … OUTFILE in an old project, I noticed that I was logged in as root. Sure enough, when I logged in as root, the query ran as expected.

当你输入mysql -u root -p时,你是在通过本地unix套接字连接到mysql服务器。

不管你给的授权是什么,'bill'@'%'只匹配TCP/IP连接。

如果你想要授予对本地unix套接字的访问权限,你需要授予'bill'@'localhost'权限,奇怪的是,这与'bill'@'127.0.0.1'不一样。

您也可以使用TCP/IP连接mysql命令行客户端,以匹配您已经授予的权限,例如运行mysql -u root -p -h 192.168.1.123或任何您的本地IP地址。

这是以下两者之间的区别:

CREATE USER 'bill'@'%' IDENTIFIED BY 'passpass';

and

CREATE USER 'bill'@'localhost' IDENTIFIED BY 'passpass';

检查:

mysql> select user,host from mysql.user;
+---------------+----------------------------+
| user          | host                       |
+---------------+----------------------------+
| bill          | %                          | <=== created by first
| root          | 127.0.0.1                  |
| root          | ::1                        |
| root          | localhost                  |
| bill          | localhost                  | <=== created by second
+---------------+----------------------------+

命令

mysql -u bill -p

隐式访问'bill'@'localhost',而不是'bill'@'%'。

“bill”@“localhost”没有权限

你会得到错误:

ERROR 1045 (28000): Access denied for user 'bill'@'localhost' (using password: YES)

解决问题:

CREATE USER 'bill'@'localhost' IDENTIFIED BY 'passpass';

grant all privileges on . to 'bill'@'localhost' with grant option;

百分号表示所有ip,所以localhost是多余的…本地主机不需要第二条记录。

实际上有,'localhost'在mysql中是特殊的,它意味着通过unix套接字(或windows上的命名管道)连接,而不是TCP/IP套接字。使用%作为主机不包括'localhost'

MySQL用户帐户有两个组成部分:用户名和主机名。用户名标识用户,主机名指定用户可以从哪些主机连接。用户名和主机名的组合:

< user_name >的@ < host_name >的 您可以为主机名指定特定的IP地址或地址范围,或者使用百分比字符(“%”)使该用户能够从任何主机登录。

注意,用户帐户是由用户名和主机名同时定义的。例如,“root”@“%”与“root”@“localhost”是不同的用户帐户。