How to Create MySQL on Linux Server in 2026? – Easy Guide

To create MySQL on a Linux server, install the MySQL Server package, start and enable the service, run mysql_secure_installation, then create a database and user with proper privileges.

Optionally open port 3306 in your firewall and configure remote access. The exact commands differ for Ubuntu/Debian and RHEL/CentOS/Rocky systems.

In this guide, you’ll learn exactly how to create MySQL on a Linux server from scratch, including installation, security hardening, database/user setup, firewall rules, tuning essentials, backups, and troubleshooting.

Whether you use Ubuntu/Debian or RHEL-based distros, you’ll get copy-paste commands and practical, beginner-friendly tips.

What You Need Before You Start (Prerequisites)

• Linux server running Ubuntu/Debian or RHEL/CentOS/Rocky (x86_64 is typical).
• SSH access with sudo or root privileges.
• Package manager: apt (Ubuntu/Debian) or dnf/yum (RHEL family).
• Optional: open TCP port 3306 if remote connections are required.
• Time sync enabled (chrony/systemd-timesyncd) helps with SSL and logs.

Expert Tip: If you prefer a fast, clean start, YouStable’s SSD VPS and Dedicated Servers ship with latest Linux images and quick-install options, helping you get MySQL production-ready with minimal overhead.

MySQL vs MariaDB: Which Should You Install?

Many Linux repositories ship MariaDB by default. It’s a high-performance fork of MySQL and 100% compatible for most apps. If you specifically need Oracle MySQL 8 (features like InnoDB Cluster, Enterprise plugins), use the official MySQL repositories.

• Choose MySQL when your app or vendor requires MySQL 8.
• Choose MariaDB when you want a drop-in replacement with broad distro support.

Install MySQL on Ubuntu/Debian

Option A: Install from Ubuntu/Debian repositories

Ubuntu LTS versions typically include MySQL 8 in the official repos. Debian may default to MariaDB if you use meta packages. To ensure MySQL (not MariaDB), install the mysql-server package on Ubuntu.

sudo apt update
sudo apt install -y mysql-server
sudo systemctl enable --now mysql

Option B: Install the latest from the official MySQL APT repository

Use this when you want the newest MySQL 8.x from Oracle. Download the latest mysql-apt-config .deb from the MySQL website, then:

# replace the file name below with the latest available version
wget https://dev.mysql.com/get/mysql-apt-config_0.8.29-1_all.deb
sudo dpkg -i mysql-apt-config_0.8.29-1_all.deb
sudo apt update
sudo apt install -y mysql-server
sudo systemctl enable --now mysql

Install MySQL on RHEL/CentOS/Rocky/Alma

Option A: Install MariaDB from the OS repository

This is the quickest route on RHEL-based systems if MariaDB is acceptable.

sudo dnf install -y mariadb-server
sudo systemctl enable --now mariadb

Option B: Install MySQL 8 from the official MySQL YUM/DNF repository

Use this when you explicitly need Oracle MySQL 8.

# EL9 example (Rocky/Alma/RHEL 9) - use the appropriate package for your OS version
sudo dnf install -y https://dev.mysql.com/get/mysql80-community-release-el9-1.noarch.rpm
sudo dnf install -y mysql-community-server
sudo systemctl enable --now mysqld

Note: On RHEL-based systems with MySQL 8, the initial temporary root password is logged to the error log (often /var/log/mysqld.log). Check it if prompted.

Secure the Installation

Run the included hardening script. It sets a strong root password, removes anonymous users, disables remote root login, and drops the test database.

sudo mysql_secure_installation

Recommended answers: set a strong root password, remove anonymous users, disallow remote root login, remove test DB, and reload privilege tables.

Create a Database and a Least-Privilege User

Connect to MySQL as root, create a database for your application, and grant least-privilege access to a dedicated user. Replace placeholders with your values.

sudo mysql -u root -p

-- inside the MySQL shell:
CREATE DATABASE appdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'Str0ng!Passw0rd';
GRANT ALL PRIVILEGES ON appdb.* TO 'appuser'@'localhost';
FLUSH PRIVILEGES;
EXIT;

Open the Firewall (Optional, for Remote Access)

Ubuntu/Debian (UFW)

sudo ufw allow 3306/tcp
sudo ufw status

RHEL/CentOS/Rocky (firewalld)

sudo firewall-cmd --add-service=mysql --permanent
sudo firewall-cmd --reload
sudo firewall-cmd --list-all

Security tip: Restrict inbound 3306 to specific IPs using cloud security groups or firewall rules. Never expose MySQL widely to the internet.

Enable Remote Connections (Safely)

If your app server connects from another host, bind MySQL to a non-loopback address and create a user for that host. Edit the MySQL config file and restart.

# Ubuntu/Debian
sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

# RHEL family
sudo nano /etc/my.cnf

# set or adjust:
bind-address = 0.0.0.0

# Restart service after changes
# Ubuntu/Debian:
sudo systemctl restart mysql

# RHEL family:
sudo systemctl restart mysqld

# Create a user allowed from a specific IP (preferred)
sudo mysql -u root -p

CREATE USER 'appuser'@'203.0.113.10' IDENTIFIED BY 'Str0ng!Passw0rd';
GRANT ALL PRIVILEGES ON appdb.* TO 'appuser'@'203.0.113.10';
FLUSH PRIVILEGES;
EXIT;

Prefer specific host entries over ’%’ wildcards. Use SSL/TLS for production, and place MySQL behind a private network or VPN whenever possible.

Verify Connectivity

# Local
mysql -u appuser -p -h 127.0.0.1 -D appdb -e "SELECT 1;"

# Remote from the app host
mysql -u appuser -p -h <mysql_server_ip> -D appdb -e "SHOW TABLES;"

If the client cannot connect, test the port first and then review logs.

nc -vz <mysql_server_ip> 3306
# Logs (Ubuntu/Debian)
sudo journalctl -u mysql --no-pager
# Logs (RHEL family)
sudo journalctl -u mysqld --no-pager

Essential Performance Tuning (Safe Defaults)

Adjust these parameters for better baseline performance on small to medium instances. Size the buffer pool to 50–70% of available RAM on dedicated DB nodes.

[mysqld]
innodb_buffer_pool_size = 1G
innodb_log_file_size = 256M
max_connections = 200
slow_query_log = 1
slow_query_log_file = /var/log/mysql/slow.log
long_query_time = 1
# bind-address = 127.0.0.1  # lock to localhost when remote access not needed

After changes, restart MySQL and monitor with SHOW GLOBAL STATUS and the slow query log. For heavier loads, evaluate connection pooling (ProxySQL/Haproxy) and proper indexing.

Backup and Restore

Take logical backups with mysqldump for smaller datasets or nightly backups. Use –single-transaction to avoid locking InnoDB tables.

# Backup a single database
mysqldump -u root -p --single-transaction --routines --triggers appdb > appdb_$(date +%F).sql

# Restore
mysql -u root -p appdb < appdb_2025-01-01.sql

For large, busy databases, consider physical backups (LVM snapshots, MySQL Enterprise Backup, Percona XtraBackup) and test restores regularly.

Ongoing Maintenance

• Patch regularly: apt/dnf updates and minor MySQL upgrades (test first).
• Monitor logs: error log, slow query log, and system journal.
• Check disk/IO: data directory free space and IOPS headroom.
• Backups: automate and verify with periodic restore drills.
• Security: restrict 3306, rotate credentials, enable SSL for remote apps.

Troubleshooting Common Issues

• Port 3306 blocked: open firewall or security group; verify nc -vz.
• Authentication plugin mismatch: older clients may not support caching_sha2_password (MySQL 8 default). Prefer upgrading clients; otherwise, adjust the user plugin:

ALTER USER 'appuser'@'%' IDENTIFIED WITH mysql_native_password BY 'Str0ng!Passw0rd';
FLUSH PRIVILEGES;

• SELinux (RHEL family): ensure mysqld can listen on 3306 and access datadir. Use setsebool and proper contexts if you move the datadir.
• Service won’t start: check journalctl and error log for datadir permissions or my.cnf syntax errors.

When to Choose Managed or Assisted Setup

If you want to skip hand-rolling security, backups, and tuning, consider a managed VPS or Dedicated Server. At YouStable, our engineers can pre-harden MySQL, set up automated backups, and optimize configs for your workload, so you focus on your application instead of server plumbing.

Full Quick-Start: End-to-End Commands (Ubuntu Example)

# 1) Install
sudo apt update
sudo apt install -y mysql-server
sudo systemctl enable --now mysql

# 2) Secure
sudo mysql_secure_installation

# 3) Create DB and user
sudo mysql -u root -p -e "CREATE DATABASE appdb CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
sudo mysql -u root -p -e "CREATE USER 'appuser'@'localhost' IDENTIFIED BY 'Str0ng!Passw0rd';"
sudo mysql -u root -p -e "GRANT ALL PRIVILEGES ON appdb.* TO 'appuser'@'localhost'; FLUSH PRIVILEGES;"

# 4) (Optional) Allow remote access
sudo sed -i 's/^bind-address.*/bind-address = 0.0.0.0/' /etc/mysql/mysql.conf.d/mysqld.cnf
sudo systemctl restart mysql
sudo ufw allow 3306/tcp

# 5) Test
mysql -u appuser -p -h 127.0.0.1 -D appdb -e "SELECT 1;"

Conclusion

That’s how to create MySQL on a Linux server the right way: install, secure, grant least-privilege, optionally enable remote access, and maintain with backups and tuning. Follow these steps and you’ll have a production-ready database foundation that’s secure, reliable, and fast.

FAQ’s