Shulou(Shulou.com)05/31 Report--

How to understand MySQL's pluggable verification and client-side plaintext verification plug-ins? for this problem, this article introduces the corresponding analysis and solutions in detail, hoping to help more partners who want to solve this problem to find a more simple and easy way.

MySQL supports a variety of authentication mechanisms provided through pluggable validation.

Plug-ins are built-in and are also available as external libraries.

The default server-side plug-ins are built-in and are always available, including:

-mysql_native_password: this is the default mechanism

-mysql_old_password: the implementation of this plug-in is validated in the same way as previous versions of MySQL4.1.1.

-sha256_password: this plug-in enables SHA-256 hashing of passwords.

MySQL uses several algorithms to encrypt passwords stored in the user table:

The mysql_native_password plug-in implements a standard password format: a 41-byte hash.

The mysql_old_password plug-in implements the older format, which is less secure and 16 bytes wide.

The sha256_password plug-in implements the SHA-256 hash algorithm that is widely used in secure computing.

The value of the old_passwords system variable specifies the algorithm that the PASSWORD () function uses to create the password, as follows:

0: standard algorithm, same as the algorithm used in MySQL 4.1.1 and later

1: the old algorithm, which is the same as the algorithm used in MySQL 4.1.1

2:SHA-256 algorithm

Set the default-authentication-plugin option to sha256_password when starting the server

You can use the SHA-256 password for all new users, or you can use the CREATE USER and IDENTIFIED WITH sha256_ password clauses to specify the SHA-256 password for a specific user.

Client-side plaintext verification plug-in

There is a built-in plaintext validation plug-in in the MySQL client library

Mysql_clear_password . The plug-in:

Used to send plain text passwords to the server

-passwords are usually hashed.

Enable in the following ways:

-LIBMYSQL_ENABLE_CLEARTEXT_PLUGIN environment variable

-running MySQL client applications such as mysql and

Specify-- enable-cleartext-plugin when mysqladmin)

-mysql_options () C API function

MYSQL_ENABLE_CLEARTEXT_PLUGIN option

Some authentication methods, such as PAM (Pluggable Authentication Module, pluggable authentication module) authentication, require the client to send a plain text password to the server so that the server can handle the normal form of password.

The mysql_clear_password plug-in supports this behavior.

This is the answer to the question about how to understand MySQL's pluggable verification and client-side plaintext verification plug-ins. I hope the above content can be of some help to you. If you still have a lot of doubts to be solved, you can follow the industry information channel for more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.