MySQL is the most popular  open-source relational database management system. It is fast, easy to  use, scalable, and an integral part of the popular LAMP and LEMP stacks.

In this tutorial, we will show you how to install and secure MySQL on an Ubuntu 18.04 machine.


Make sure you are logged in as a user with sudo privileges.

Installing MySQL on Ubuntu

At the time of writing this article, the latest version of MySQL available from the official Ubuntu repositories is MySQL version 5.7.

To install MySQL on your Ubuntu server follow the steps below:

First, update the apt package index by typing:

sudo apt update

Then install the MySQL package with the following command:

sudo apt install mysql-server

Once  the installation is completed, the MySQL service will start  automatically. To check whether the MySQL server is running, type:

sudo systemctl status mysql
● mysql.service - MySQL Community Server
   Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
   Active: active (running) since Wed 2018-06-20 11:30:23 PDT; 5min ago
 Main PID: 17382 (mysqld)
    Tasks: 27 (limit: 2321)
   CGroup: /system.slice/mysql.service
           `-17382 /usr/sbin/mysqld --daemonize --pid-file=/run/mysqld/

Securing MySQL

MySQL server package comes with a script called mysql_secure_installation that can perform several security-related operations.

Run the script by typing:

sudo mysql_secure_installation

You will be asked to configure the VALIDATE PASSWORD PLUGIN which is used to test the strength of the MySQL users’ passwords and  improve the security. There are three levels of password validation  policy, low, medium and strong. Press ENTER if you don’t want to set up the validate password plugin.

On  the next prompt, you will be asked to set a password for the MySQL root  user. Once you do that the script will also ask you to remove the  anonymous user, restrict root user access to the local machine and  remove the test database. You should answer “Y” (yes) to all questions.

Login as root

To  interact with the MySQL server from the command line you can use the  MySQL client utility which is installed as a dependency of the MySQL  server package.

In Ubuntu systems running MySQL 5.7 (and later), the root user is authenticated by the auth_socket plugin by default.

The auth_socket plugin authenticates users that connect from the localhost through the Unix socket file. This means that you can’t authenticate as root by providing a password.

To log in to the MySQL server as the root user type:

sudo mysql

You will be presented with the MySQL shell as shown below:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 8
Server version: 5.7.22-0ubuntu18.04.1 (Ubuntu)

Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

If you want to login to your MySQL server as root from an external program such as phpMyAdmin you have two options.

The first one is to change the authentication method from auth_socket to mysql_native_password. You can do that by running the following command:

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'very_strong_password';

The second, recommended option is to create a new administrative user with access to all databases:

GRANT ALL PRIVILEGES ON *.* TO 'administrator'@'localhost' IDENTIFIED BY 'very_strong_password';


Now  that your MySQL server is up and running and you know how to connect to  the MySQL server from the command line, you might want to check the  following guides:

If you prefer a web interface over command line, you can install phpMyAdmin and manage your MySQL databases and users through it.