Failed to connect MYSQL with workbench , EC2 – DevOps

Error :

Failed to connect to mysql at server ip with user root access denied for user ‘root’@’localhost'(using password:YES)


1. Open and edit /etc/my.cnf or /etc/mysql/my.cnf, depending on your distribution.

2. Add skip-grant-tables under [mysqld]

3. Restart MySQL

4. You should be able to log in to MySQL now using the below command mysql -u root -p

5. Run mysql> flush privileges;

6. Set new password by ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘NewPassword’;   (here don’t log from the same screen open another ssh session for the same server and remove the key skip-grant-tables and stop and start the mysql but don’t exiting for another where you are already in the mql)

7. Go back to /etc/my.cnf and remove/comment skip-grant-tables

8. Restart MySQL

9. Now you will be able to login with the new password mysql -u root -p

Here might still you face error , if yes follows

Run the from the sql screen where you already in

SELECT user,authentication_string,plugin,host FROM mysql.user;


+——————+——————————————-+———————–+———–+|user|authentication_string                     |plugin                |host      |+——————+——————————————-+———————–+———–+|root             ||auth_socket           |localhost ||mysql.session    |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||mysql.sys        |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||debian-sys-maint |*CC744277A401A7D25BE1CA89AFF17BF607F876FF |mysql_native_password |localhost |+——————+——————————————-+———————–+———–+4rowsinset(0.00sec)

In this example, you can see that the root user does in fact authenticate using the auth_socket plugin. To configure the root account to authenticate with a password, run the following ALTER USER command. Be sure to change password to a strong password of your choosing, and note that this command will change the root password you set in Step 2:

ALTER USER ‘root’@’localhost’ IDENTIFIED WITH mysql_native_password BY ‘password’;

Then, run FLUSH PRIVILEGES which tells the server to reload the grant tables and put your new changes into effect:


Check the authentication methods employed by each of your users again to confirm that root no longer authenticates using the auth_socket plugin:

SELECT user,authentication_string,plugin,host FROM mysql.user;


+——————+——————————————-+———————–+———–+|user|authentication_string                     |plugin                |host      |+——————+——————————————-+———————–+———–+|root             |*3636DACC8616D997782ADD0839F92C1571D6D78F |mysql_native_password |localhost ||mysql.session    |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||mysql.sys        |*THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE |mysql_native_password |localhost ||debian-sys-maint |*CC744277A401A7D25BE1CA89AFF17BF607F876FF |mysql_native_password |localhost |+——————+——————————————-+———————–+———–+4rowsinset(0.00sec)

You can see in this example output that the root MySQL user now authenticates using a password. Once you confirm this on your own server, you can exit the MySQL shell:


NOW open another screen and test your solution 




From <>

Source :-

install my sql on amazon ec2

Install an RPM repository package by running the commands below:

sudo yum install

A new repository file has been created inside the /etc/yum.repos.d directory.

$ ls /etc/yum.repos.d
amzn2-core.repo  amzn2-extras.repo  mysql-community.repo  mysql-community-source.repo

You can also view list of configured repositories with yum command.

$ sudo yum repolist

Once the repository has been added, install MySQL 8 server packages on Amazon Linux 2.

sudo amazon-linux-extras install epel -y
sudo yum -y install mysql-community-server

The next step is to start MySQL server services.

sudo systemctl enable –now mysqld

A superuser account ‘root’@’localhost is created with initial password set and stored in the error log file. To reveal it, use the following command:

use the following command:

$ sudo grep ‘temporary password’ /var/log/mysqld.log

Use this initial password to harden the server.

$ sudo mysql_secure_installation -p

Set new password and set other settings to better secure access to MySQL server.

Securing the MySQL server deployment.

The existing password for the user account root has expired. Please set a new password.

New password: <SET-NEW-PASSWORD>

Re-enter new password: <CONFIRM-NEW-PASSWORD>
The ‘validate_password’ component is installed on the server.
The subsequent steps will run with the existing configuration
of the component.
Using existing password for root.

Estimated strength of the password: 100
Change the password for root ? ((Press y|Y for Yes, any other key for No) :

… skipping.
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production

Remove anonymous users? (Press y|Y for Yes, any other key for No) : y

Normally, root should only be allowed to connect from
‘localhost’. This ensures that someone cannot guess at
the root password from the network.

Disallow root login remotely? (Press y|Y for Yes, any other key for No) : y

By default, MySQL comes with a database named ‘test’ that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production

Remove test database and access to it? (Press y|Y for Yes, any other key for No) : y
 – Dropping test database…

– Removing privileges on test database…

Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.

Reload privilege tables now? (Press y|Y for Yes, any other key for No) : y

All done!

You can update root password anytime from MySQL shell.

$ mysql -uroot -p
mysql> ALTER USER ‘root’@’localhost’ IDENTIFIED BY ‘MyNewStrongP@ssw0d!’;

The Password Policy is requires:

  • At least one uppercase letter
  • At least one lowercase letter
  • At least one digit
  • At least one special character
  • Total password length is at least 8 characters.

You have installed MySQL 8 server successfully on Amazon Linux 2 and ready to roll..

Below are other guides on Amazon Linux available in our website.

Basic Quick command for GITHUB

#Git clone https://URL

#Cd your directory

#Code . (to open visual studio)

#git checkout -b “Branchname”  (create his branch , now you switch to the your branch)

Now its time to modfily the code After the changes run

# git add .

#git commit -m “testthebranch”  (these way you commit your changes and write description)

#git push -u origin Nishantbranc (commit the changes to the main)

#git checkout main (come back to main branch)

Thanks 🙂

how to setup nginx on aws and pull the code from GITHUB , static code

This article is to describe the quick steps to configure the static website on the nginx stack running on AWS EC2.

to know about nginx please visit ,

Select amzong linux AMI for the image

i aI am using t2.micro for testing purpose

to save my money i have selected the spot instance

you can create EC2 without the key and continue with default user id and password

you need wait for a while till your instance is full initialed

once the EC2 is ready connect using browser based ssh , you can also use tool like putty

Run the following command to install the nginx on the server

#sudo amazon-linux-extras install nginx1

to check status nginx

# systemctl status nginx.service

to enable nginx service

#systemctl enable nginx.service

to start the service

#systemctl Start nginx.service

make sure the status is running

browe the public ip address and make sure nginx welcome screen is visable

now its time to pull your code

usally default webpage is running from the following location, in these test i will use same location to replace with my sample source code (default location /usr/share/nginx/html)

first i will remove the default webpage with help of

#rm -rf *

to confirm you can try to access with the same public ip adderss and you will see that default page is not there

for testing purpose i am using Microsoft demo html page

install package to run the git command on the linux

# sudo yum install git

naviate to /usr/share/nginx/html and clone the code from the git

# sudo git clone

after the clone, you can check # ls to make sure code is pulled well ,

# sudo mv project-html-website/* .

run above command to mv the files on the correct location

onces copy is done you can try to access new website from the public ip address

now you can point your A record to public address


IBM QRADAR installation failed with the error EXIT CODE :1 after setting date and time -RHEL

The issue is only with the software-based installation (RHEL) and the cause of the issue is multiple NIC were assigned to QRadar VMs . as part of a solution/workaround I deleted multiple NIC assigned to VMs and run the setup with the single network interface.

As per IBM support, it is okay to run QRadar with a single Network interface

How to change SSH Port Number in RHEL 8.1

Check the available package

[root@lab ~]# rpm -qa openssh*

Check the SSH Service Status

root@lab ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: active (running) since Sun 2020-10-25 10:12:37 +03; 1h 19min ago
     Docs: man:sshd(8)
 Main PID: 7204 (sshd)
    Tasks: 1 (limit: 11337)
   Memory: 7.1M
   CGroup: /system.slice/sshd.serv

note down the port number which is currently in use , in my case its 22

root@lab ~]# netstat -lnptu | grep "ssh"
tcp        0      0    *               LISTEN      7204/sshd
tcp        0      0*               LISTEN      6895/sshd: root@pts
tcp        0      0*               LISTEN      7216/sshd: root@pts
tcp6       0      0 :::22                   :::*                    LISTEN      7204/sshd
tcp6       0      0 ::1:6010                :::*                    LISTEN      6895/sshd: root@pts
tcp6       0      0 ::1:6011                :::*                    LISTEN      7216/sshd: root@pts
[root@lab ~]#

Check related configuration files of ssh server

[root@lab ~]# rpm -qc openssh-server-8.0p1-3.el8.x86_64
[root@lab ~]#

open the sshd file and edit the ports with requried number

[root@lab ~]# vim /etc/ssh/sshd_config

This is the sshd server system-wide configuration file. See
sshd_config(5) for more information.
This sshd was compiled with PATH=/usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin
The strategy used for options in the default sshd_config shipped with
OpenSSH is to specify options with their default value where
possible, but leave them commented. Uncommented options override the
default value.
If you want to change the port on a SELinux system, you have to tell
SELinux about this change.
semanage port -a -t ssh_port_t -p tcp #PORTNUMBER
Port 22000
AddressFamily any
ListenAddress ::
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_ecdsa_key
HostKey /etc/ssh/ssh_host_ed25519_key
Ciphers and keying
RekeyLimit default none
System-wide Crypto policy:
This system is following system-wide crypto policy. The changes to
Ciphers, MACs, KexAlgoritms and GSSAPIKexAlgorithsm will not have any
effect here. They will be overridden by command-line options passed on
the server start up.
To opt out, uncomment a line with redefinition of CRYPTO_POLICY=
variable in /etc/sysconfig/sshd to overwrite the policy.
For more information, see manual page for update-crypto-policies(8).

add ports to firewall policy and allow & reload firewall

[root@lab ~]# firewall-cmd --permanent --add-port=22000/tcp
Warning: ALREADY_ENABLED: 22000:tcp
[root@lab ~]# firewall-cmd --reload
[root@lab ~]#

add new port number to selinux

[root@lab ~]# semanage port -a -t ssh_port_t -p tcp 22000
[root@lab ~]#

check available port for ssh

[root@lab ~]# semanage port -l | grep "ssh"
ssh_port_t tcp 22000, 22

Restart the SSHD service and check status

[root@lab ~]# systemctl restart sshd.service
[root@lab ~]# systemctl status sshd.service
● sshd.service - OpenSSH server daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2020-10-25 11:49:16 +03; 9s ago
Docs: man:sshd(8)
Main PID: 8214 (sshd)
Tasks: 1 (limit: 11337)
Memory: 1.1M
CGroup: /system.slice/sshd.service

check the listening port

[root@lab ~]# netstat -lnptu | grep "ssh"
tcp 0 0* LISTEN 8214/sshd
tcp 0 0* LISTEN 6895/sshd: root@pts
tcp 0 0* LISTEN 7216/sshd: root@pts
tcp6 0 0 :::22000 :::* LISTEN 8214/sshd
tcp6 0 0 ::1:6010 :::* LISTEN 6895/sshd: root@pts
tcp6 0 0 ::1:6011 :::* LISTEN 7216/sshd: root@pts
[root@lab ~]#

now open any client ssh tool and try to access server with the new ports.

thanks to visit by blogs

How to enable Linux Cockpit Red Hat Enterprise Linux 8.1

Linux Cockpit is UI based interface from we can easily manage the entire server such as System controls, logs, Storage, Networking, Podmon Containers, Accounts, Services, Applications, Diagnostic Reports, Kernal Dumps, SELinux, Software Updates, Subscriptions, Direct Access to Terminal window

# yum list cockpit
# yum install cockpit -y

# systemctl enable cockpit.socket
# systemctl start cockpit.socket
# systemctl status cockpit.socket
# systemctl restart cockpit.socket # if service was running

# firewall-cmd –permanent –add-service=cockpit
# firewall-cmd –reload
# firewall-cmd –list-all

cat /usr/lib/firewalld/services/cockpit.xml (to check port number )

Open Browser

Server ip address:9090

server user name and password

How to install Docker Community Edition on CentOS 8.1

Docker Engine Supports CentOS 8.1 to run the container on it . Docker is available in two version which is Community (CE) and Enterprise Edition

Installtion Steps :- 

Enable Docker CE Repository

Docker Package are not avilable on CentOS package Respositories , run the dnf command to enable docker CE package repository

[root@localhost admin]# dnf config-manager --add-repo=

Install Docker CE using dnf Command 

[root@localhost admin]# dnf list docker-ce

CentOS-8 – AppStream                                                                                     1.1 MB/s | 6.8 MB     00:06

CentOS-8 – Base                                                                                          1.2 MB/s | 6.0 MB     00:04

CentOS-8 – Extras                                                                                        3.4 kB/s | 5.5 kB     00:01

Docker CE Stable – x86_64                                                                                 13 kB/s |  22 kB     00:01

Available Packages

docker-ce.x86_64                                             3:19.03.8-3.el7                                             docker-ce-stable

Remove podman Manpage to avoid conflicts with file from Docker Package

click here

[root@localhost admin]# sudo yum remove -y podman-manpages

Run DNF command to install latest version of docker

[root@localhost admin]# dnf install docker-ce --nobest -y

once the installtion is completed start and enable service

[root@localhost admin]#systemctl start docker
[root@localhost admin]#systemctl enable docker

verfily and test docker CE Engine

[root@docker-ce ~]# docker run hello-world

Command Output 
Unable to find image ‘hello-world:latest’ locally
latest: Pulling from library/hello-world
0e03bdcc26d7: Pull complete
Digest: sha256:8e3114318a995a1ee497790535e7b88365222a21771ae7e53687ad76563e8e76
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the “hello-world” image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:

For more examples and ideas, visit:

visit also 

Many Thanks for your support !

Docker Conflicts with File from Package podman-manpages on CentOS Linux release 8.1.1911 (Core)

Docker installation on the Centos is very simple and quick , As part of docker installation steps on the centos you might face following error after running dnf command to install latest version of docker,

# “dnf install docker-ce –nobest -y”

Errror: Transaction check error:
file /usr/share/man/man1/docker-attach.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-build.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-commit.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-container-prune.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch
file /usr/share/man/man1/docker-container.1.gz from install of docker-ce-cli-1:19.03.8-3.el7.x86_64 conflicts with file from package podman-manpages-1.4.2-5.module_el8.1.0+237+63e26edc.noarch

So in these case podman mainpages are conflicts with the Docker ,so to fix these i just remove the manpage from podman, but keep podman. Run following command to remove podman-manpages

# sudo yum remove -y podman-manpages