Security warning in MYSQL 5.6 

Changes from MySQL 5.6.5:
Security Fix: MySQL client programs now issue a warning if a password is given on the command line that this can be insecure.


So, if you use a plain-text password/argument in the script like below:


shell>mysql --user=${myuser} --password=${mypasswd} --port=${myport} --host=${myhost} ${mydb}


Then you will get this warning:


Warning: Using a password on the command line interface can be insecure.






Solution:


Suggestions from MYSQL bug forum.


A better solution is to use mysql_config_editor which MYSQL officially suggested to add the called "mysqlpath" object which generated crypted credential for the mysql database. 


It is in the bin folder in your installed MYSQL5.6 folder. 


1. To find the "mysql_config_editor" cmd, you can use:


shell> which mysql_config_editor


My case, it is in the path: 


/usr/local/mysql-advanced-5.6.11-linux-glibc2.5-x86_64/bin/mysql_config_editor




Note: if the "which" shows no result, it means you did not set the MYSQL5.6 path in the .profile file. It is better to do this to avoid further problems when you need to use the mysql bin cmds in crontab or shell script. You will easily get the path problem.


To set the MYSQL5.6 PATH in the .profile, you just need to add the folder path like below at the end of the file:


PATH="$PATH:/usr/local/mysql-advanced-5.6.11-linux-glibc2.5-x86_64/bin"




2. Add/Creat a mysqlpath:

shell>mysql_config_editor set --login-path=remote --host=hostname --user=username --password
Enter password: enter password "password" here

Note: after "--login-path=" , you give the name of the mysqlpath which need be used.



 3. Check mysqlpath:



shell>mysql_config_editor print --all




[remote]
user = username
password = *****
host = hostname



4. Use mysql normally in your script with "--login-path=remote" option.



shell>mysql --login-path=remote -h hostname -u username -P port database



Note: The option in this cmd line will overwrite the value which you have already set using mysql_config_editor.For  example "-h", hostname, which already set in mysql_config_editor , then the one set in the mysql cmd will overwrite it.   Only password is a must in mysql_config_editor  setting. 




































Comments











Post a Comment



















Popular posts from this blog









install postgreSQL in ubuntu 16.04





















 When following the Install PostgreSQL in Ubuntu  in Ubuntu 16.04, got error as below:    $ apt-get install postgresql-9.6 Reading package lists... Done Building dependency tree        Reading state information... Done You might want to run 'apt-get -f install' to correct these: The following packages have unmet dependencies:  adobereader-enu:i386 : Depends: libgtk2.0-0:i386 (>= 2.4) but it is not going to be installed  postgresql-9.6 : Depends: postgresql-client-9.6                   Depends: postgresql-common (>= 171~) but it is not going to be installed                   Recommends: postgresql-contrib-9.6 but it is not going to be installed E: Unmet dependencies. Try 'apt-get -f install' with no packages (or specify a solution).  The suggested solution in the last line and a normal ubuntu upgrade do not solve the issue,  and the cmd below can fix it:  $sudo apt full-upgrade  After the fix, then can apt-get to install postgresql again. After install postgresql, 








Keep reading










timestamp with 16, 13 and 10 digits to Qlik date





















 Sometimes, we need to convert the Linux timestamps to Qlik date, it can be done in the SQL script, and can also be done in the Qlik Load/expression.   Linux timestamps with 16 digits are microseconds timestamps, and 13 digits are milliseconds, and 10 digits are second timestamps.   To convert to a Qlik date, hour or time as following:  As the timestamps starts from "19700101 00:00:00",  then this start timestamps needs be added:   For 16 digits:   Date(Date#('19700101', 'YYYYMMDD')+(SynchronousQuery_ Event_Time/1000000/86400)   or    Date(25569+Round(SynchronousQuery_ Event_Time/1000000/86400),'YYYYMMDD')   25569 is the number format for date '19700101'   For 13 digits:   Date(Date#('19700101', 'YYYYMMDD')+(SynchronousQuery_ Event_Time/1000/86400)   or    Date(25569+Round(SynchronousQuery_ Event_Time/1000/86400),'YYYYMMDD')    For 10 digits:   Date(Date#('19700101', 'YYYYMMDD')+(SynchronousQuery_ Event_T








Keep reading










install ipython in Cloudera VM using pip





















I am practicing pyspark in Cloudera VM, and pyspack need be launched by ipython. In all the old Cloudera VM guide, it use easy_install to install ipython, but it does not work in Virtualbox 5.2.0 r118431 and later. And will get the error :  $sudo easy_install ipython==1.2.1 ... error: Could not find suitable distribution for Requirement.parse('ipython==1.2.1')  The solution for this is to use pip to install ipython. But by default, pip is not installed in cloudera VM, and pip can not be installed by eacy_install as well. And after some search, I  noticed cloudera has yum installed, and yum can install pip:  $sudo yum install python-pip ... $which pip /usr/bin/pip  Now ipython can be installed b pip:  $sudo pip install ipython=1.2.1 ...  Succesfully installled ipython-1.2.1   After that, launch spack by ipython:  $PYSPARK_DRIVER_PYTHON=ipython pyspark ...   Welcome to        ____                       __       / __ /__  ___ _____/  /__      _\ \/ _   \/  _  ` /  __/    '_ / 








Keep reading