Prefer using newer authentication plugins than mysql_native_password #82

Open
opened 2024-08-20 18:18:54 +02:00 by oysteikt · 0 comments
Owner

Ref https://dev.mysql.com/doc/refman/8.4/en/pluggable-authentication.html

The mysql_native_password authentication plugin is deprecated and subject to removal in a future version of MySQL.

Maybe we could enforce, or at least prefer the newer auth plugins if available? This is also relevant for #44, if we want to do our own unix uid based authentication for REPL access.

Ref https://dev.mysql.com/doc/refman/8.4/en/pluggable-authentication.html > The `mysql_native_password` authentication plugin is deprecated and subject to removal in a future version of MySQL. > * Plugins that perform authentication using SHA-256 password hashing. This is stronger encryption than that available with native authentication. See [Section 8.4.1.2, “Caching SHA-2 Pluggable Authentication”](https://dev.mysql.com/doc/refman/8.4/en/caching-sha2-pluggable-authentication.html), and [Section 8.4.1.3, “SHA-256 Pluggable Authentication”](https://dev.mysql.com/doc/refman/8.4/en/sha256-pluggable-authentication.html). Maybe we could enforce, or at least prefer the newer auth plugins if available? This is also relevant for #44, if we want to do our own unix uid based authentication for REPL access.
oysteikt added the
security
label 2024-08-20 18:24:12 +02:00
Sign in to join this conversation.
No description provided.