I'm just a home user getting started with MySQL. The book I purchased doesn't seem to cover this issue very well, or I'm not understanding it. Basically, it seems that I can ssh into my system as a user who isn't in the mysql.user list and still use MySQL.

My user list:

mysql> SELECT host,user,password FROM mysql.user;
+-----------+------+-------------------------------------------+
| host | user | password |
+-----------+------+-------------------------------------------+
| localhost | root | *A294441C38B03BE12E32771ADDF7976B0DDB8164 |
| c2RAID6 | root | *A294441C38B03BE12E32771ADDF7976B0DDB8164 |
| 127.0.0.1 | root | *A294441C38B03BE12E32771ADDF7976B0DDB8164 |
| localhost | | |
| c2RAID6 | | |
| localhost | mark | *E8F1FB8D711EFE40BEE77B5E9EC940D7C1740E15 |
+-----------+------+-------------------------------------------+
6 rows in set (0.00 sec)

mysql>


MySQL says there's no account for 'evelyn', which is correct, but still allows evelyn access if she comes into the machine over ssh:


mark@c2RAID6 ~ $ mysql -u evelyn
ERROR 1045 (28000): Access denied for user 'evelyn'@'localhost' (using password: YES)
mark@c2RAID6 ~ $ ssh evelyn@localhost
Password:
evelyn@c2RAID6 ~ $ mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 176
Server version: 5.1.70-log Gentoo Linux mysql-5.1.70

Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql>


How can I lock this down so that no one gets access unless they are in the user table?

Thanks!