Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours on Instagram and YouTube and waste money on coffee and fast food, but won’t spend 30 minutes a day learning skills to boost our careers.
Master in DevOps, SRE, DevSecOps & MLOps!

Learn from Guru Rajesh Kumar and double your salary in just one year.


Get Started Now!

Uncategorised

Managing MariaDB Root Password and Connection Behavior in XAMPP (Ubuntu)

April 29, 2025 Leave a Comment

☁️ Introduction

When working with MariaDB/MySQL inside XAMPP on Ubuntu, many developers face confusing issues related to root password behavior, localhost vs 127.0.0.1 access, and authentication plugins.
This tutorial provides a comprehensive step-by-step guide to understand, troubleshoot, and secure your MariaDB setup.

✅ Learn why password prompts behave differently,
✅ How to fix broken authentication (even after using --skip-grant-tables),
✅ And how to set up proper security best practices for production or local development.

🛑 Problem: Different Behavior Between localhost and 127.0.0.1

You may notice:

  • When connecting via localhost, MariaDB allows login without password.
  • When connecting via 127.0.0.1, it asks for root password.

✅ This is not a bug — it’s due to different connection methods.

Connection TypeBehavior
localhostConnects via Unix Socket (auth_socket plugin)
127.0.0.1Connects via TCP/IP (password-based plugin)

In MariaDB, different plugins can authenticate based on how you connect.

🔍 How to Check Current User Authentication Plugins

Login to MariaDB (even without password if allowed):

sudo mysql -u root

Run:

SELECT user, host, plugin FROM mysql.user;

Typical result:

userhostplugin
rootlocalhostauth_socket
root127.0.0.1mysql_native_password

🛠 How to Fix: Make Root Always Require Password

By default, in Ubuntu XAMPP, root@localhost may use auth_socket, meaning system login, not password login.
To fix and enforce password login, change the authentication plugin.

✅ Correct command for MariaDB:

ALTER USER 'root'@'localhost' IDENTIFIED BY 'yourStrongPassword';
FLUSH PRIVILEGES;

✅ After that:

  • Connecting via localhost or 127.0.0.1 both require password.
  • No automatic system user trust.

🛠 What If You See --skip-grant-tables Error?

If you get:

ERROR 1290 (HY000): The MariaDB server is running with the --skip-grant-tables option

It means:

  • Grant tables are disabled,
  • You cannot ALTER USER or SET PASSWORD.

✅ Solution:

  1. Stop MariaDB:
sudo /opt/lampp/lampp stopmysql
  1. Start MariaDB normally:
sudo /opt/lampp/lampp startmysql
  1. Then login and fix password properly.

📦 How to Check and Remove Permanent --skip-grant-tables

Sometimes, --skip-grant-tables is accidentally set in XAMPP’s MariaDB configuration.

Check file:

sudo nano /opt/lampp/etc/my.cnf

Look for:

skip-grant-tables

✅ If found, comment it out:

#skip-grant-tables

✅ Then restart MariaDB.

🔥 Best Practices to Secure MariaDB on Ubuntu (especially inside XAMPP)

PracticeWhy It Matters
Always set a strong password for rootPrevent unauthorized access
Disable root remote loginroot should only login from localhost
Create a new admin userUse adminuser@localhost for your apps instead of root
Keep your MariaDB updatedGet latest security patches
Secure XAMPP itselfPassword-protect XAMPP dashboard and phpMyAdmin

🛠 How to Create a New Admin User (Recommended)

  1. Login:
mysql -u root -p
  1. Run:
CREATE USER 'adminuser'@'localhost' IDENTIFIED BY 'yourSecurePassword123!';
GRANT ALL PRIVILEGES ON *.* TO 'adminuser'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;

✅ Now you can use adminuser safely for all database operations.

📋 Summary Checklist

ActionDone?
Fix root password with ALTER USER
Restart MariaDB without --skip-grant-tables
Remove skip-grant-tables from my.cnf
Disable root remote access (optional)
Create separate admin user for apps

🚀 Final Notes

  • When using MariaDB with XAMPP in Ubuntu, always verify connection method differences (localhost vs 127.0.0.1).
  • Ensure MariaDB server runs without –skip-grant-tables for full security.
  • Don’t use root for web apps — create a limited user.
  • Always restart XAMPP cleanly after major database config changes.

🧠 Pro Tip

If you’re planning to expose XAMPP or MariaDB over the internet (even in test environments):

  • Enable SSL/TLS for MySQL connections.
  • Use firewall rules to restrict IP access.
  • Prefer SSH tunnels for remote database connections instead of direct port opening.

📢 Conclusion

“A secure database setup begins with understanding the basics: authentication, connection types, and privilege management.”

Following the steps in this tutorial will ensure you have a properly secured and consistent MariaDB environment inside XAMPP, ready for both development and production testing.

Stay secure. Happy coding! 🚀

✅ Ready-To-Use Final Command Set (Summary)

sudo /opt/lampp/lampp stopmysql
sudo nano /opt/lampp/etc/my.cnf   # Comment out skip-grant-tables if exists
sudo /opt/lampp/lampp startmysql

mysql -u root -p

ALTER USER 'root'@'localhost' IDENTIFIED BY 'YourStrongPassword!';
FLUSH PRIVILEGES;

CREATE USER 'adminuser'@'localhost' IDENTIFIED BY 'yourSecurePassword123!';
GRANT ALL PRIVILEGES ON *.* TO 'adminuser'@'localhost' WITH GRANT OPTION;
FLUSH PRIVILEGES;
EXIT;

✅ Done!

Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments

Certification Courses

DevOpsSchool has introduced a series of professional certification courses designed to enhance your skills and expertise in cutting-edge technologies and methodologies. Whether you are aiming to excel in development, security, or operations, these certifications provide a comprehensive learning experience. Explore the following programs:

DevOps Certification, SRE Certification, and DevSecOps Certification by DevOpsSchool

Explore our DevOps Certification, SRE Certification, and DevSecOps Certification programs at DevOpsSchool. Gain the expertise needed to excel in your career with hands-on training and globally recognized certifications.

0
Would love your thoughts, please comment.x
()
x