Let me first mention that I have looked at many of the suggested questions and found no relevant answers. Here's what I'm doing.
I'm connected to my Amazon EC2 instance. I can log into the MySQL root user using the following command:
mysql -u root -p
Then I created a new user bill with the host %
CREATE USER 'bill'@'%' IDENTIFIED BY 'passpass';
Grant all permissions to user bill:
grant all privileges on *.* to 'bill'@'%' with grant option;
Then I exit the root user and try to log in using the bill user:
mysql -u bill -p
After entering the correct password, the following error occurs:
Error 1045 (28000): Access denied for user "bill"@"localhost" (using password: YES)
try:
You may have an anonymous user
''@'localhost'
or''@'127.0.0.1'
.According to Manual:
Therefore, such an anonymous user will "block" any other user such as
'[any_username]'@'%'
when connecting fromlocalhost
.'bill'@'localhost'
matches'bill'@'%'
, but will be matched before (for example)''@'localhost'
.The recommended solution is to delete this anonymous user (this is usually a good idea).
The edits below are mostly irrelevant to the main question. These are just to answer some of the questions asked in other comments in this thread.
Edit 1
Authenticate via socket as
'bill'@'%'
.Edit 2
Exactly the same setup, except I reactivated the network and now created an anonymous user
''@'localhost'
.Edit 3
Same situation as in edit 2, now provide the password for the anonymous user.
Conclusion 1, from edit 1: Authentication of
'bill'@'%'
is possible over sockets.Conclusion 2, from edit 2: Whether connecting via TCP or via sockets has no impact on the authentication process (other than not being able to connect via sockets other than
'something'@'localhost'
any other user).Conclusion 3, from edit 3: Even though I specified
-ubill
, I was granted access as an anonymous user. This is because of the "ordering rules" suggested above. Note that in most default installations, there is an anonymous user with no password (which should be secured/removed).