Please update Readme with SHA2 password authentication example.

Question

Please update Readme with SHA2 password authentication example.

suchislife801 opened this issue 3 years ago · 6 comments

Where is the working example for this feature? I still have no idea how to implement it.

Answer 1 · 2021-06-06T13:11:27.000Z

It should work without additional configuration on the client.
But there may be some problem for some MySQL server configuration as we didn't implement the Authentication Method Mismatch protocol.

Answer 2 · 2021-06-06T13:20:16.000Z

It does not work with Digital Ocean MySQL 8.0 Authetication. It does not either when Digital Ocean by passes it down to MySQL 5.x

My Config example below. Are these settings correct as far as you know? Digital Ocean Managed Database.

caching_sha2_password_auto_generate_rsa_keys              ON
caching_sha2_password_private_key_path                    private_key.pem                                                                                                                                                                                                                                             
caching_sha2_password_public_key_path                     public_key.pem
default_authentication_plugin                             caching_sha2_password
sha256_password_auto_generate_rsa_keys                    ON                                                                                                                                                                                                                                                                                                                                                                                                                                                                    
sha256_password_private_key_path                          private_key.pem                                                                                                                                                                                                                                                                                                                                                                                                                                                       
sha256_password_proxy_users                               OFF                                                                                                                                                                                                                                                                                                                                                                                                                                                                   
sha256_password_public_key_path                           public_key.pem 
Caching_sha2_password_rsa_public_key                   -----BEGIN PUBLIC KEY-----                                                                                                                                                                                                                                                                                                                                                                                                                                           
                                                       MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1cnMPdb/ve74aUw0oku                                                                                                                                                                                                                                                                                                                                                                                                     
                                                       JSUcAlmcPGSWknBR3fP5OX1wfLey/ES/mcPyAZ6TQ4X0liAiCP6hmVr9oncungK7                                                                                                                                                                                                                                                                                                                                                                                                     
                                                       cbG7JrwZjhOp5OUJ0yzDYEbEIRv6LRgD5wkj0U8SKc8ndFLrFTptbKgF7ZgySW6i                                                                                                                                                                                                                                                                                                                                                                                                     
                                                       IGZof6HCSRi7nbSOICi+cafTI7dN9Y+PYvIEHhEHeu2RY+mAK+WpiXUYR6+3e7Ur                                                                                                                                                                                                                                                                                                                                                                                                     
                                                       t0Kmq9+XkRH8ACcuvEoGQFCdz2FC8yB7ST6QKN6magClwd8218D6B8d99L6OoKAE                                                                                                                                                                                                                                                                                                                                                                                                     
                                                       lomYxLDTnARWnKFKNhnCqcUS9cAyKHPQxC5jvVBZ5+Go0hXXdJVlmIe0KeKVZjW+                                                                                                                                                                                                                                                                                                                                                                                                     
                                                       NwIDAQAB                                                                                                                                                                                                                                                                                                                                                                                                                                                             
                                                       -----END PUBLIC KEY-----

Answer 3 · 2022-01-17T19:20:07.000Z

Is there still no solution to to this? Nothing at all? The most IMPORTANT part of the project which is to connect, does not actually work.

Answer 4 · 2022-11-23T13:31:22.000Z

@lideming Is there any reference for Authentication Method Mismatch protocol? The link is invalid now. I'd like to do some research and willing to contribute if it is in my ablity

Answer 5 · 2022-11-23T13:49:11.000Z

@shiyuhang0 It's the "Authentication Method Mismatch" part in Connection Phase (https://dev.mysql.com/doc/dev/mysql-server/latest/page_protocol_connection_phase.html). We have implemented only the "Authentication Phase Fast Path" currently and can not switch authentication method in case of the mismatch. Thanks for your research and PRs are welcome.

Answer 6 · 2022-11-25T12:42:17.000Z

@lideming PTAL #137
But I don't known how to test it.