How to Install MySQL 8.4 in Debian 13 - Complete Guide
In this guide, we will see how to install MySQL 8.4 in Debian 13 Trixie with apt, the default package manager.
This is very common in our professional Linux consulting and support work, as it is the basis for LAMP (Linux, Apache, MySQL, PHP), LEMP (NginX), and various other stacks required for web apps, CMS, and e-commerce.
Official MySQL Repository Configuration
As a first step, to install MySQL 8.4 in Debian 13 Trixie, we download the configuration package from the official MySQL repository
sudo apt update && sudo apt install wgetsudo wget https://dev.mysql.com/get/mysql-apt-config_0.8.36-1_all.debInstall the downloaded package.
sudo apt install ./mysql-apt-config_0.8.36-1_all.debDuring configuration, we can select the desired version by displaying one of these screens
│ Which MySQL product do you wish to configure? │
│ │
│ MySQL Server & Cluster (Currently selected: mysql-8.4-lts) │
│ MySQL Connectors (Currently selected: Enabled) │Configuring mysql-apt-config
----------------------------
The MySQL APT Repository features MySQL Server along with a variety of components. You may select the desired
products to install and update from the official MySQL Repository, and also select the associated version series.
Select "Ok" to save the configuration, and then execute "apt update" to load the selected package list. This
configuration can be updated later, depending on your needs.
1. MySQL Server & Cluster (Currently selected: mysql-8.4-lts) 3. Ok
2. MySQL Connectors (Currently selected: Enabled)
Which MySQL product do you wish to configure? 3If you prefer MySQL 8.0, change the selection to mysql-8.0 and follow our guide "Installing MySQL 8.0 in Debian 12 Bookworm" instead
Install MySQL 8.4 in Debian 13
Update the list of available packages
sudo apt updateWe will notice new lines containing the new MySQL 8.4 repository for Debian 13 Trixie
Get:5 http://repo.mysql.com/apt/debian trixie/mysql-8.4-lts Sources [951 B]
Get:6 http://repo.mysql.com/apt/debian trixie/mysql-apt-config amd64 Packages [566 B]
Get:7 http://repo.mysql.com/apt/debian trixie/mysql-8.4-lts amd64 Packages [16.9 kB]
Get:8 http://repo.mysql.com/apt/debian trixie/mysql-tools amd64 Packages [4129 B]Let's proceed to install MySQL with this command
sudo apt install mysql-serverThe process will ask us to enter a password. In this case, I left it blank, so authentication will take place via Socket, only locally. We will configure it later
Check status and restart MySQL
We have successfully installed MySQL 8.4 in Debian 13 Trixie. The server should already be running. Let's check if the process is active
sudo service mysql statusIf it is not active, we can restart MySQL and repeat the check
sudo service mysql restart* Stopping MySQL database server mysqld [ OK ] * Starting MySQL database server mysqld [ OK ]
Let's check the default MySQL port, 3306 TCP, which should now be listening
sudo apt install net-toolssudo netstat -tnplu |grep 3306The command should return the following output, showing port 3306 listening locally
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN -
tcp6 0 0 :::33060 :::* LISTEN -Configure MySQL 8.4
The server is active. For a new installation, the default configurations are used, and security is poor. At this point, it is vital to run the MySQL configuration script to set up authentication and remove anonymous access, a process we often deal with in our DevOps and Automation Consulting projects to ensure consistent security standards.
sudo mysql_secure_installationThe script will guide us through the configuration of the server's security options
First, we enable password checking for users and select strong passwords, with a dictionary search for common passwords.
Securing the MySQL server deployment.
Connecting to MySQL using a blank password.
VALIDATE PASSWORD COMPONENT can be used to test passwords
and improve security. It checks the strength of password
and allows the users to set only those passwords which are
secure enough. Would you like to setup VALIDATE PASSWORD component?
Press y|Y for Yes, any other key for No: YThere are three levels of password validation policy:
LOW Length >= 8
MEDIUM Length >= 8, numeric, mixed case, and special characters
STRONG Length >= 8, numeric, mixed case, special characters and dictionary file
Please enter 0 = LOW, 1 = MEDIUM and 2 = STRONG: 2
Please set the password for root here.Skipping password set for root as authentication with auth_socket is used by default.
If you would like to use password authentication instead, this can be done with the "ALTER_USER" command.
See https://dev.mysql.com/doc/refman/8.4/en/alter-user.html#alter-user-password-management for more information.We remove anonymous users to increase security
By default, a MySQL installation has an anonymous user,
allowing anyone to log into MySQL without having to have
a user account created for them. This is intended only for
testing, and to make the installation go a bit smoother.
You should remove them before moving into a production
environment.
Remove anonymous users? (Press y|Y for Yes, any other key for No) : YWe configure local user authentication root, which will take place via socket, only on the local machine
Normally, root should only be allowed to connect from
'localhost'. This ensures that someone cannot guess at
the root password from the network.
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : YWe remove the test databases
By default, MySQL comes with a database named 'test' that
anyone can access. This is also intended only for testing,
and should be removed before moving into a production
environment.
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : YWe reload the privilege tables so that our changes are applied immediately.
Reloading the privilege tables will ensure that all changes
made so far will take effect immediately.
Reload privilege tables now? (Press y|Y for Yes, any other key for No) : Accessing MySQL from the console
We have finished installing MySQL 8.4 in Debian 13 Trixie. We can log in with the user root from our server console and, for example, list the existing databases
sudo mysql -u rootWhen connecting to the database, MySQL 8.4 may display an error due to the lack of a plugin:
ERROR 1524 (HY000): Plugin 'mysql_native_password' is not loadedMySQL 8.4 and above implement
mysql_native_password. If you see this error, follow our guide to enable the mysql_native_password authentication plugin
Once we have done this in MySQL, we list the databases present
show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
+--------------------+
4 rows in set (0.00 sec)
The output shows us the databases present. We have successfully installed MySQL in Debian 13 Trixie. We can use our MySQL with the usual syntax and connect our Web Apps and CMS
MySQL root user password
To access remotely, you will need to set the MySQL password root . We can use this command, but we recommend using a "strong" password with numbers, upper and lower case letters, and special characters.
ALTER USER 'root'@'localhost' IDENTIFIED BY 'my_secure_password';Accessing remote MySQL
To access a remote MySQL, we recommend using an SSH tunnel, redirecting the remote port 3306 of our server, which only listens on localhost, to our local port 33006 local
ssh root@IP-or-DNS -L 33006:localhost:3306Thanks to the tunnel, we can connect directly to our port 33006 in localhost with the credentials root created earlier
Access with MySQL Workbench
MySQL Workbench is an excellent tool for MySQL DBAs and Operations, allowing you to create databases, manage server configuration, administer users, perform backups, and much more. It already incorporates the SSH tunnel described above.
- Let's create a new connection
- Select "Standard TCP/IP over SSH."
- Enter the SSH configurations for your server
- SSH Host name
- SSH User name
- Password or SSH key
- MySQL database configurations
- Host name
- Server port
- Username
- Password
- Testing the connection
A default MySQL installation is not ready for production. If you need to manage sensitive data, configure automatic backups, or optimize queries to handle high traffic loads, our team is at your disposal.