Question Can/should I set a password for the MariaDB "root" user (not "admin")?

[King555]

Server operating system version

Ubuntu 18.04.6 LTS x64

Plesk version and microupdate number

Plesk Obsidian 18.0.49 Update 1 web admin edition

When I view the user list of MariaDB via PhpMyAdmin, there are – among others for the individual databases, of course – the admin user created by Plesk (with the password which is in the file /etc/psa/.psa.shadow) and a user called root without password.

I cannot login with root via PhpMyAdmin. I guess it's because a login with no password is disabled. But I can login via "mysql -uroot" at the console. Although I'm the only SSH user, it feels like a security risk when there is no password.

So my question is: Can I change the password or does Plesk rely on a password-less root user for MariaDB?

 

[Peter Debik]

On a default Plesk installation, the database does not know the "root" user. It uses a user called "admin". You should not allow logins to your database without password.

 

[King555]

Thanks. Any ideas why I have the root user then? It was a minimal installation of Ubuntu and then I just installed Plesk. Should I delete the root user? I never used it.

 

[Peter Debik]

You can keep the root user, but you should enable password requirement when your database server starts.

 

[King555]

Thank you, I will do that.