Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

MySQL: REQUIRE SSL not shown in grants

Tags:

MySQL 8 doesn't show REQUIRE SSL in the SHOW GRANTS output.

On MariaDB, when I create a user using REQUIRE SSL, it is shown in the grants:

Server version: 10.2.22-MariaDB MariaDB Server

MariaDB [(none)]> drop user if exists 'test'; 
MariaDB [(none)]> create user 'test' REQUIRE SSL;
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> show grants for 'test';
+----------------------------------------------+
| Grants for test@%                            |
+----------------------------------------------+
| GRANT USAGE ON *.* TO 'test'@'%' REQUIRE SSL |
+----------------------------------------------+

But in MySQL8, I don't see REQUIRE SSL indicated:

mysql> drop user if exists 'testu';
mysql> create user 'testu' REQUIRE SSL;
mysql> show grants for 'test';
+----------------------------------+
| Grants for test@%                |
+----------------------------------+
| GRANT USAGE ON *.* TO `test`@`%` |
+----------------------------------+

Attempting to connect without SSL does properly give an error, but how can I see which users have it enabled if it's not shown in the grants?

like image 418
simpleuser Avatar asked Mar 08 '19 20:03

simpleuser


People also ask

How do I provide grant permissions in MySQL?

To GRANT ALL privileges to a user , allowing that user full control over a specific database , use the following syntax: mysql> GRANT ALL PRIVILEGES ON database_name. * TO 'username'@'localhost';

What is Grant usage on MySQL?

The GRANT statement grants privileges to MySQL user accounts. GRANT also serves to specify other account characteristics such as use of secure connections and limits on access to server resources.


1 Answers

mysql [localhost:8014] {msandbox} ((none)) > show create user 'test';
+--------------------------------------------------------------------------------+
| CREATE USER for test@%                                                         |
+--------------------------------------------------------------------------------+
| CREATE USER 'test'@'%' IDENTIFIED WITH 'caching_sha2_password' REQUIRE SSL ... |
+--------------------------------------------------------------------------------+

See https://dev.mysql.com/doc/refman/8.0/en/show-create-user.html

like image 69
Bill Karwin Avatar answered Sep 26 '22 00:09

Bill Karwin