<div>
Are you able to use workbench on a workstation and connect to the SQL instance?<br />
<br />
try <br />
mysql -u appm -p --ssl<br />
<br />
<br />
<br />
if you want secure, you should tell mysql to use secure through --ssl
</div>


Are you able to use workbench on a workstation and connect to the SQL instance?

try
mysql -u appm -p --ssl



if you want secure, you should tell mysql to use secure through --ssl

sunhux

<div>
it prompts when connecting from workbench thus it's<br />
indication it's connectable.<br />
<br />
--ssl is an invalid option in our case:<br />
<br />
[root@u01 ~]# mysql -u appm -p --ssl<br />
mysql:  unknown option '--ssl'.<br />
[root@u01 ~]# mysql -u appm -p -ssl<br />
mysql:  mysql: unknown option '-l'.<br />
[root@u01 ~]# mysql -u appm -p<br />
Enter password:<br />
ERROR 1045 (28000): Access denied for user 'appm'@'localhost' (using password: YES)
</div>


it prompts when connecting from workbench thus it's
indication it's connectable.

--ssl is an invalid option in our case:

[root@u01 ~]# mysql -u appm -p --ssl
mysql: unknown option '--ssl'.
[root@u01 ~]# mysql -u appm -p -ssl
mysql: mysql: unknown option '-l'.
[root@u01 ~]# mysql -u appm -p
Enter password:
ERROR 1045 (28000): Access denied for user 'appm'@'localhost' (using password: YES)

<div>
There's an init file in mysql's home dir, does<br />
this have any impact:<br />
<br />
$ whoami<br />
mysql<br />
<br />
$ more init-file.txt<br />
ALTER USER 'root'@'localhost' IDENTIFIED BY 'Temp@ssw0rd';
</div>


There's an init file in mysql's home dir, does
this have any impact:

$ whoami
mysql

$ more init-file.txt
ALTER USER 'root'@'localhost' IDENTIFIED BY 'Temp@ssw0rd';

<div>
Try mysql --help<br />
mysql --ssl --help<br />
mysql --version<br />
<br />
mysql -u root<br />
What happens?
</div>


Try mysql --help
mysql --ssl --help
mysql --version

mysql -u root
What happens?

<div>
<div class="content wysiwyg-content">
Refer to attached.<br />
<br />
After setting the ssl_type to 'ANY' as per CIS hardening<br />
benchmark for our mySql, access was denied.<br />
<br />
What's missed?<br />
<br />
We're running RHEL 7 OS<br />
<a href="https://filedb.experts-exchange.com/incoming/2020/01_w05/1442067/mySql_appmssl2.jpg" target="_blank" class="file-inline" title="setting ssl_type = Any resulted in denied access for a mySql remote account (136 KB)"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M67.508 468.467c-58.005-58.013-58.016-151.92 0-209.943l225.011-225.04c44.643-44.645 117.279-44.645 161.92 0 44.743 44.749 44.753 117.186 0 161.944l-189.465 189.49c-31.41 31.413-82.518 31.412-113.926.001-31.479-31.482-31.49-82.453 0-113.944L311.51 110.491c4.687-4.687 12.286-4.687 16.972 0l16.967 16.971c4.685 4.686 4.685 12.283 0 16.969L184.983 304.917c-12.724 12.724-12.73 33.328 0 46.058 12.696 12.697 33.356 12.699 46.054-.001l189.465-189.489c25.987-25.989 25.994-68.06.001-94.056-25.931-25.934-68.119-25.932-94.049 0l-225.01 225.039c-39.249 39.252-39.258 102.795-.001 142.057 39.285 39.29 102.885 39.287 142.162-.028A739446.174 739446.174 0 0 1 439.497 238.49c4.686-4.687 12.282-4.684 16.969.004l16.967 16.971c4.685 4.686 4.689 12.279.004 16.965a755654.128 755654.128 0 0 0-195.881 195.996c-58.034 58.092-152.004 58.093-210.048.041z"/></svg>mySql_appmssl2.jpg</a>
</div>
</div>


setting ssl_type = Any resulted in denied access for a mySql remote account

mySql_appmssl2.jpg

Refer to attached.

After setting the ssl_type to 'ANY' as per CIS hardening
benchmark for our mySql, access was denied.

What's missed?

We're running RHEL 7 OS

Databases are organized collections of data, most commonly accessed through management systems including schemas, tables, queries and processes that allow users to enter and manipulate the information or utilize it in other fashions, such as with web applications or for reporting purposes.

Databases

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

MySQL is an open source, relational database management system that runs as a server providing multi-user access to a number of databases. Acquired by Oracle in 2009, it is frequently used in combination with PHP installations, powering most of the WordPress installations.