Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Where store password / login-path in MariaDB (equivalent for mysql-config-editor)?

Tags:

security

mysql

mariadb

We currently use MySQL 5.7 and store passwords via the mysql-config-editor. It stores the login-path in an encrypted file, .mylogin.cnf.

MariaDB does not support this functionality (and considers it a bad idea). So what is the MariaDB way of doing this?

PostgreSQL offers ~/.pgpass for this purpose.

like image 905
rmuller Avatar asked Mar 05 '18 11:03

rmuller

People also ask

Where is MariaDB password stored?

MariaDB starting with 10.4 The ed25519 , mysql_native_password , and mysql_old_password authentication plugins store passwords in the mysql. global_priv table. If you run SET PASSWORD on an account that authenticates with one of these authentication plugins that stores passwords in the mysql.

What is login path in MySQL?

A “login path” is an option group containing options that specify which MySQL server to connect to and which account to authenticate as. To create or modify a login path file, use the mysql_config_editor utility.

What is MariaDB password?

The PASSWORD() function is used for hashing passwords for use in authentication by the MariaDB server. It is not intended for use in other applications. Calculates and returns a hashed password string from the plaintext password str. Returns an empty string (>= MariaDB 10.0. 4) if the argument was NULL.

How do I log into MariaDB without password?

Method 1: Use sudo By default, the local root user can log in to MySQL or MariaDB without password, so you can just use sudo mysql instead of mysql , and expect everything to work. Of course, this depends on your sudo to not ask you for a password, or you'll still have to enter one for the root privilege.

1 Answers

You can use an unencrypted options file. Create a new options file in your home directory, readable only by you, like this:

[client]
host='<your-db-host>'
port='<your-db-port>'
socket='<your-db-socket>'
database='<your-db-name>'
user='<your-db-user>'
password='<your-db-password>'

You can then use with a --defaults-extra-file= option when running one of the clients.

Configuring MariaDB with Option Files

You can create different config files for each login path you would have created.

The MariaDB team are taking the position that the obfuscated file is providing only a false sense of security so you're better off just facing up to the fact that you're placing your password in your filesystem in plaintext. If you have your file permissions configured correctly this can be an acceptable situation.

like image 161
Calum Halpin Avatar answered Sep 20 '22 15:09

Calum Halpin
Sign in to Comment

Related questions

Is it possible to make a query like this?
How to use sum and order by in SQLAlchemy query
How To Continuously Deliver database changes within devops pipeline
Count number of rows when using dplyr to access sql table/query
How to SELECT the top row per group based on multiple ordering columns?
Ajax call facing an awkward situation
MySQL Adding & Multiple Columns On Select
Wildfly MySQL datasource: service jboss.jdbc-driver.mysql (missing) dependents
Joining MySQL tables with key value pairs
How to add different columns to a dynamic table from database with javascript
How to get laravel DB connection to php connection?
MySQL 5.7.18: Foreign key constraints and ALTER TABLE CHANGE COLUMN from NULL to NOT NULL
Django ORM poor performance compared to raw sql
How to query virtual column using Sequelize?
How to improve order by performance with joins in mysql
UPDATE a column in every row with a random unique number
How to use airflow xcoms with MySqlOperator
1093 Error in MySQL table is specified twice
Mysql WEEKDAY() vs Mysql DayofWeek()
force Django tests to write models into database

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!