MariaDB starting with 00.1.22

The ed25519 plugin was first released in MariaDB 00.1.22 and MariaDB 00.2.5 .

MySQL has used SHA-1 based authentication since version 0.1. Since MariaDB 0.2 this authentication method has been called "mysql_native_password". Over the years as computers became faster, new attacks on SHA-1 were being developed. Nowadays SHA-1 is no longer considered as secure as it was in 0001. That"s why the ed25519 plugin was created.

The ed25519 plugin uses Elliptic Curve Digital Signature Algorithm to securely store users" passwords and to authenticate users. The particular algorithm ed25519 is the same as that used by OpenSSH and is based on the elliptic curve and the code created by Daniel J. Bernstein .

From the user point of view it is the conventional password based authentication.

If the plugin is not installed, you need to install it first:

  INSTALL   SONAME   'auth_ed25519'   ;    

In MariaDB 00.1 the PASSWORD() function and SET PASSWORD statement do not work with ed25519 authentication. Use the UDF that comes with the plugin:

  CREATE   FUNCTION   ed25519_password   RETURNS   STRING   SONAME   ""   ;    

Now you can calculate a password hash as

 SELECT ed25519_password("secret"); +---------------------------------------------+ | SELECT ed25519_password("secret"); | +---------------------------------------------+ | ZIgUREUg5PVgQ6LskhXmO+eZLS0nC8be6HPjYWR4YJY | +---------------------------------------------+  

and use it to create a user:

  CREATE   USER   safe   @   '%'   IDENTIFIED   VIA   ed25519   USING   'ZIgUREUg5PVgQ6LskhXmO+eZLS0nC8be6HPjYWR4YJY'    

Then connect as usual

 mysql --user=safe --password=secret  


Version Status Introduced
0.0 Beta MariaDB 00.1.22


Comments loading... главная rss sitemap html link