mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication

最新推荐文章于 2021-10-21 08:33:30 发布

转载最新推荐文章于 2021-10-21 08:33:30 发布 · 1w 阅读

文章标签：

#mysql #authentication #passwords #user #database #each

MySql 专栏收录该内容

2 篇文章

订阅专栏

本文介绍如何解决使用PHP连接远程MySQL服务器时遇到的旧密码哈希问题，包括禁用旧密码格式、更新数据库中所有用户的密码格式，并提供具体步骤。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

//在转载的基础上修改了一点 , 把原先排版会乱的的表（运行结果）改成图

When I was working with XAMPP in Ubuntu and asked write PHP script to connect to remote MySQL server which is using PASSWORD hash function to save the password for user, and I found following error.

Warning: mysql_connect() [function.mysql-connect]: Premature end of data (mysqlnd_wireprotocol.c:554) in path/to/the/file/where/connection/script/is/written/

Warning: mysql_connect() [function.mysql-connect]: OK packet 1 bytes shorter than expected in path/to/the/file/where/connection/script/is/written/

Warning: mysql_connect() [function.mysql-connect]: mysqlnd cannot connect to MySQL 4.1+ using the old insecure authentication. Please use an administration tool to reset your password with the command SET PASSWORD = PASSWORD('your_existing_password'). This will store a new, and more secure, hash value in mysql.user. If this user is used in other scripts executed by PHP 5.2 or earlier you might need to remove the old-passwords flag from your my.cnf file in path/to/the/file/where/connection/script/is/written/

As you will see, the core issue here is that MySQL can have passwords with hashes stored in the old 16-character format, which is not supported by PHP 5.3′s new mysqlnd library.

Since I couldn’t find a good solution with a quick Google, here is how I solved this without having to downgrade PHP or MySQL (as some of the solutions suggested):

1. Change MySQL to NOT to use old_passwords

It seems that even MySQL 5.x versions still default to the old password hashes. You need to change this in “my.cnf” (e.g. /etc/my.cnf): remove or comment out the line that says

old_passwords = 1

//old_passwords = 1为16位

//所以这里要先

//SET old_passwords = 0;

//这样使新密码的长度也变成41位

Restart MySQL. If you don’t, MySQL will keep using the old password format, which will mean that you cannot upgrade the passwords using the builtin PASSWORD() hashing function. You can test this by running:

mysql> SELECT Length(PASSWORD('xyz'));

结果如下图：很明显16位

The old password hashes are 16 characters, the new ones are 41 characters.

2. Change the format of all the passwords in the database to the new format

Connect to the database, and run the following query:

mysql> SELECT user, Length(`Password`) FROM `mysql`.`user`;

This will show you which passwords are in the old format, ex:

如图：

Notice here that each user can have multiple rows (one for each different host specification).

To update the password for each user, run the following:

UPDATE mysql.user SET Password = PASSWORD('password') WHERE user = 'username';

如图：

Finally, flush privileges:

FLUSH PRIVILEGES;

最后再查询一下

mysql> SELECT user, Length(`Password`) FROM `mysql`.`user`;  
结果如下图：（变成41位了，成功）
 
成功后退出exit
最后重新启动一下mysql
service mysqld restart
ok

原文地址：http://blog.youkuaiyun.com/dragon8299/article/details/6543368