Following steps are followed to enable MySQL encryption.
Mysql version 5.7 is installed on apache server. So by default keyring_file.so is available at following path: /usr/lib64/mysql/plugin/keyring_file.
In /etc/my.cnf below 2 code is added and MySQL is restarted.
early-plugin-load=keyring_file.so
keyring_file_data=/var/lib/mysql-keyring/keyring
When below query is executed to check if keyring plugin is active. It outputs as active
SELECT PLUGIN_NAME, PLUGIN_STATUS FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME LIKE 'keyring%';
+--------------+---------------+
| PLUGIN_NAME | PLUGIN_STATUS |
+--------------+---------------+
| keyring_file | ACTIVE |
+--------------+---------------+
Encryption is enabled on table level (on table author of DB testDB), It can be checked using below query
SELECT TABLE_SCHEMA, TABLE_NAME, CREATE_OPTIONS FROM INFORMATION_SCHEMA.TABLES WHERE CREATE_OPTIONS LIKE '%ENCRYPTION%';
+--------------+------------+----------------+
| TABLE_SCHEMA | TABLE_NAME | CREATE_OPTIONS |
+--------------+------------+----------------+
| testDB | author | ENCRYPTION="Y" |
+--------------+------------+----------------+
Data is inserted in author table as "plain text". However, though the table is encrypted.
select * from author;
+------+----------+-------------+
| id | name | email |
+------+----------+-------------+
| 1 | PQR | xuz#abc.com |
| 1 | XYZ | abc#abc.com |
| 1 | SSSS | xyz#abc.com |
| 1 | dfdfdf | prq#abc.com |
+------+----------+-------------+
What needs to be done to enable encryption on MySQL table?
What you enabled was innodb data at rest encryption, which is a transparent encryption technique, meaning authenticated and authorised users will not even notice it. As the mysql FAQ says on decryption:
InnoDB data-at-rest encryption is designed to transparently apply encryption within the database without impacting existing applications. Returning data in encrypted format would break most existing applications. InnoDB data-at-rest encryption provides the benefit of encryption without the overhead associated with traditional database encryption solutions, which would typically require expensive and substantial changes to applications, database triggers, and views.
Related
My application that is running on a client uses a MySQL database running on a server. So multiple clients are connected to the same server. That works well when the server is online. But now I would like to enhance my application to be able to run in an offline mode.
+--------------+
| |
+-----------+ SERVER +----------+
| | | |
| +-------+------+ |
| | |
+------+-------+ +-------+------+ +-------+------+
| | | | | |
| Client 1 | | Client 2 | | Client X |
| | | | | |
+--------------+ +--------------+ +--------------+
Now comes the problem: what happens when the client is offline? I need a copy of my MySQL database on each client too. By default the application interacts with the MySQL on the server. If this server is not accessible (for what reason ever: server is offline or client has no internet connection) it should use the MySQL running on the client. If the client/server connection is available again the databases need to be synched automatically.
My question is now: how to achieve this? First of all I checked the MySQL-replication, but in my scenario I have multiple "masters" and an unknown number of clients. So I afraid that replication is not my solution. Is it possible to solve my problem with MaxScale? I never worked with that so I really appreciate any help.
I know many of post have mention mariadb in xampp already include federated engine, but unfortunately the federated engine hasn't installed in my mariadb as you can see in the table below.
MariaDB [information_schema]> show engines;
+--------------------+---------+--------------------------------------------------------------------------------------------------+--------------+------+------------+
| Engine | Support | Comment | Transactions | XA | Savepoints |
+--------------------+---------+--------------------------------------------------------------------------------------------------+--------------+------+------------+
| CSV | YES | CSV storage engine | NO | NO | NO |
| InnoDB | DEFAULT | Percona-XtraDB, Supports transactions, row-level locking, foreign keys and encryption for tables | YES | YES | YES |
| MEMORY | YES | Hash based, stored in memory, useful for temporary tables | NO | NO | NO |
| MyISAM | YES | MyISAM storage engine | NO | NO | NO |
| MRG_MyISAM | YES | Collection of identical MyISAM tables | NO | NO | NO |
| Aria | YES | Crash-safe tables with MyISAM heritage | NO | NO | NO |
| PERFORMANCE_SCHEMA | YES | Performance Schema | NO | NO | NO |
| SEQUENCE | YES | Generated tables filled with sequential values | YES | NO | YES |
+--------------------+---------+--------------------------------------------------------------------------------------------------+--------------+------+------------+
8 rows in set (0.00 sec)
I also tried to follow the guide here and run this command INSTALL PLUGIN federated SONAME 'ha_federatedx.so'; but got error ERROR 1126 (HY000): Can't open shared library 'D:\xampp\mysql\lib\plugin\ha_federatedx.so.dll' (errno: 2, The specified module could not be found. . Can anyone tell me how to install the federated engine without re-install xampp? My database version is mysql Ver 15.1 Distrib 10.1.10-MariaDB, for Win32 (AMD64)
I know this answer likely comes several years too late, but I was having the same problem this morning on a Windows development machine. I tried ...
INSTALL PLUGIN federated SONAME 'ha_federatedx.so';
... but it didn't work, and I received the same error as Deno did. After some searching, I found that *.so files are Linux shared library files, so I tried the following command ...
INSTALL PLUGIN federated SONAME 'ha_federatedx.dll';
... and it worked! The only caveat is I am working with an actual install of MariaDB, not the version installed in XAMPP, so the actual DLL file might need to be installed in XAMPP.
Hopefully, this will help someone else who is experiencing the same problem.
I have an (old) ejabberd instance that still uses 'internal' as authentication method. I installed a shiny new server (including MySQL) and am planning to migrate to it ASAP. I would like to avoid using Mnesia as authentication DB from then on.
Since my users' passwords are still stored in the Mnesia-database, I need to import them into the (new) MySQL DB on the new server. I succeeded in dumping the 'passwd' table and it is filled with entries like this one:
{passwd,{<<"flowie">>,<<"server.com">>},
{scram,<<"pHHeHwc5yaarPAshse7Ijuygtre=">>,
<<"4Qiv9ygiMLlzeZXUG6Bpyhygtgr=">>,
<<"dylctQFXYGXemMii1Pswe==">>,4096}}
To be able to correctly import these entries into the MySQL DB I need to figure out which field corresponds to which in the MySQL 'users' table:
+----------------+--------------+------+-----+-------------------+-------+
| Field | Type | Null | Key | Default | Extra |
+----------------+--------------+------+-----+-------------------+-------+
| username | varchar(191) | NO | PRI | NULL | |
| password | text | NO | | NULL | |
| serverkey | varchar(64) | NO | | | |
| salt | varchar(64) | NO | | | |
| iterationcount | int(11) | NO | | 0 | |
| created_at | timestamp | NO | | CURRENT_TIMESTAMP | |
+----------------+--------------+------+-----+-------------------+-------+
6 rows in set (0.00 sec)
I obviously know what the 'username' field is (and I think I can guess what the 'iterationcount' would be), but I want to make sure I get the others in the right order.
In one phrase: in what order are the 'password', 'serverkey' and 'salt' fields stored in an ejabberd Mnesia DB ? Where can I find info about this ? In the code perhaps ?
Note for the aspiring hackers among you: I did change the values, using a random character generator ;)
I configured ejabberd 18.03 with the option
auth_password_format: scram
and created an account. Its authentication information is stored like this in Mnesia:
{passwd,{<<"user1">>,<<"localhost">>},
{scram,<<"Eu9adR8M5NPIBoVKK917UKJQTtE=">>,
<<"0mRs0DKWvb8C0/fcVmTRP2elKOA=">>,
<<"UclT113AyXYlUAZgv3q0vA==">>,4096}}
Later I exported Mnesia to a SQL file using the command:
ejabberdctl export2sql localhost /tmp/localhost.sql
and the resulting file contains this line:
INSERT INTO users(username, password, serverkey, salt, iterationcount)
VALUES ('user1',
'Eu9adR8M5NPIBoVKK917UKJQTtE=',
'0mRs0DKWvb8C0/fcVmTRP2elKOA=',
'UclT113AyXYlUAZgv3q0vA==', 4096);
Referencing a previous question, it doesn't seem possible to easily autogenerate a UML or ERD graph. How can this be done? Even the the detail which describe fudforum.*; provides would do the trick, except that you can't use a wildcard.
Something like mysqldump -d -u <username> -p<password> -h <hostname> <dbname> but more readable?
It looks like devart doesn't run on Linux, but I'm looking into that.
mysql:
mysql>
mysql> describe fudforum.fud30_xmlagg;
+----------------+--------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+----------------+--------------+------+-----+---------+----------------+
| id | int(11) | NO | PRI | NULL | auto_increment |
| name | varchar(255) | NO | | | |
| url | varchar(255) | NO | | | |
| forum_id | int(11) | NO | MUL | 0 | |
| xmlagg_opt | int(11) | NO | | 2 | |
| last_load_date | bigint(20) | NO | | 0 | |
| custom_sig | text | YES | | NULL | |
+----------------+--------------+------+-----+---------+----------------+
7 rows in set (0.04 sec)
mysql>
mysql> quit;
Bye
thufir#dur:~$
mysql workbench can reverse engineer and create erd's
http://www.mysql.com/products/workbench/
I've tried many times to get MySQL Workbench to auto generate an ERD with relationship lines but always left frustrated. Most of the databases I was working with used MyISAM tables without defined foreign keys. That seemed to prevent Workbench from generating the relationships I wanted or I just couldn't understand how to make it work. I tried many other solution as well but again never found the easy solution I was looking for until I stumbled on this blog post at mysqlworkbench.org.
MySQL Workbench Plugin: Auto-Create Foreign Keys
The post is a full explanation on how to get Workbench to search all of your tables for candidate foreign keys in other tables. It even shows how to get a working GUI for it. The best part is that the article links to a Python script that can be installed in Workbench as a plugin so you it's all handled for you.
Once the plugin is installed you run it and give it a pattern to use for testing whether keys match. It then gives you a list of the keys it thinks match which you can select if you agree. Then you click a button and it generates the ERD for you with all the relationship lines in place. Hallelujah!
Many thanks to akojima at MySQL Workbench. Now if only I could take the Delorean back four years and find this when it was published in 2010.
There is a tutorial how to convert Oracle 10G to UML using Eclipse and Dali plugin.
You can just swap Oracle with your database sql connector inside Dali and it would do the job.
mysqlshow command:
mysqlshow fudforum
I am using mac and I installed mysql using homebrew.
brew install mysql
pretty standard installation.
mysql> show engines;
+------------+---------+------------------------------------------------------------+--------------+------+------------+
| Engine | Support | Comment | Transactions | XA | Savepoints |
+------------+---------+------------------------------------------------------------+--------------+------+------------+
| MRG_MYISAM | YES | Collection of identical MyISAM tables | NO | NO | NO |
| CSV | YES | CSV storage engine | NO | NO | NO |
| MyISAM | DEFAULT | Default engine as of MySQL 3.23 with great performance | NO | NO | NO |
| InnoDB | YES | Supports transactions, row-level locking, and foreign keys | YES | YES | YES |
| MEMORY | YES | Hash based, stored in memory, useful for temporary tables | NO | NO | NO |
+------------+---------+------------------------------------------------------------+--------------+------+------------+
I would like innodb to be the default storage engine. What do I need to do?
Under [mysqld] section in your ini file, add:
default-storage-engine = innodb
It is usually /etc/my.cnf, but not sure about Mac.
From the docs:
On Unix, Linux and Mac OS X, MySQL programs read startup options from the following files, in the specified order (top items are used first).
File Name Purpose
/etc/my.cnf Global options
/etc/mysql/my.cnf Global options (as of MySQL 5.1.15)
SYSCONFDIR/my.cnf Global options
$MYSQL_HOME/my.cnf Server-specific options
defaults-extra-file The file specified with --defaults-extra-file=path, if any
~/.my.cnf User-specific options
The last one is never used by the daemon.
I can see from phpMyAdmin that MySQL has a database called information_schema, and it contains a table called ENGINES. Aside from the more global scenario of changing an ini file, wouldn't it be a simple solution to switch the table's SUPPORT fields for MyISAM and InnoDB (to 'YES' and 'DEFAULT' respectively)? I haven't done it myself, so proceed at your own risk ... and let me know how things turn out if you do.