In order to log in to a MySQL server, you can run mysql command along with your login credentials and server’s IP address as arguments. For example:
$ mysql -u $MYSQL_ROOT -p $MYSQL_PASS -h 192.168.10.1
However, besides the inconvenience of typing extra arguments, using plain-text login credentials in a command line like above is really not a secure way to access a MySQL server. In a multi-user Linux environment, what you type in command line can easily be revealed to others who happen to run ps on the same host at the same time.
MySQL offers a way for you to log in to MySQL server without password, by using an external MySQL configuration file. In Linux, there are two different kinds of MySQL configuration files: (1) /etc/my.cnf and (2) ~/.my.conf. While any system-wide MySQL configuration is defined in /etc/my.cnf, any user-specific MySQL configuration is stored in ~/.my.cnf. You can leverage ~/.my.cnf, to define your MySQL login credential in the file.
Make sure to have the configuration file readable to you only.
$ chmod 0600 ~/.my.cnf
Once ~/.my.cnf is created, simply typing mysql command will let you log in to 192.168.10.1 as alice, and you no longer need to provide login password separately.
Using the same password on different servers allows attackers to access your accounts if cracker manage to steal your password from a less secure server. This is true for online website accounts too. So solution is to create unique passwords for server accounts like your email, sftp and ssh accounts. General guideline to create a strong and unique password is as follows:
Creating a strong and unique password for Linux or Unix-like systems
Create a password with mix of numbers, special symbols, and alphabets.
Make sure your password is hard to guess. You can use tool such as makepasswd to create hard to guess password.
Do not use simple words like “password“, “123456“, “123abc” or “qwerty“.
Use a unique password for all your server accounts.
But, how do you test the effectiveness of a password in resisting guessing and brute-force attacks under Linux? The answer is simple use cracklib-check command.
Install cracklib on a Linux based system
Type the following yum command to install on RHEL and friends: # yum install cracklib
Type the following apt-get command to install on Debian/Ubuntu and friends: # apt-get install libcrack2