How to log in to MySQL using the Plesk MySQL "admin" password in plain text?

Follow

Comments

4 comments

  • Avatar
    Scott Benton

    Regarding the above note: 'Put the backslash symbol "\" before the sign "$" - there are three $ in the string below, all of which are preceded by backslashes. Personally, I'm attempting to enable login from remote via SSH tunnel and private keys. The SSH connection is fine, but I'm still getting 'Access denied' for the admin mysql login. The password reset utility provided by Plesk allows a reset of the password, but does not allow you to specify the password, nor is there any way to recover the password.

  • Avatar
    Denis Bykov

    @Scott
    There is a possibility that encrypted password contains other special symbols that should be escaped with the backslash as well, for example "@",  "#", "%" etc.
    I suggest adding backslashes for any character in the password except numbers and Latin letters.

  • Avatar
    Scott Benton

    @Denis of course you are right, but I think this is all beside the point. I solved my problem with the following:

    - Log into Plesk as admin with mysql -uadmin -p`cat /etc/psa/.psa.shadow`

    - grant all on *.* to newadminuser@localhost identified by 'xxxxxxxxxxxxxxxxxxx';

    My point is that if an attacker already has root access to your server with SSH, this additional encryption of the Plesk admin password is worthless, and kind of a pain. I think enabling MySql connections outside of localhost is crazy, but to restrict access when you already have (root) ssh access to the server seems really silly to me. I'm in the midst of migrating 40 or so web sites to a new server, and really didn't want to have to manage separate connections for each of those as I'm migrating and testing. Either way, if I can bypass this with one line of MySql, it's not really adding anything to the security of my server.

  • Avatar
    Ivan Postnikov

    Hello @Scott,

    Thank you for sharing your user experience and thoughts about current design.

    Plesk Development team constantly works on security improvement.

    As for migration, here is the useful article on how to migrate websites.

Please sign in to leave a comment.

Have more questions? Submit a request