keyring mysql google cloud - mysql

I need to install keyring plugin in mysql running over google cloud and I can not because the user doesn't have SUPER privileges. Have anyone had the same situation?
mysql < sql_dupm.sql
and the error is :
Error : ERROR 3185 (HY000) at line 98: Can't find master key from keyring, please check keyring plugin is loaded.
When I tried to install plugin
mysql> INSTALL PLUGIN keyring_file SONAME 'keyring_file.so';
ERROR 1227 (42000): Access denied; you need (at least one of) the SUPER privilege(s) for this operation

It looks like you are trying to use a feature that is not supported.
That may sound like I'm stating the obvious, since it isn't working, but SUPER is definitely not available so anything relying on it typically would not be, either. This is not surprising for a managed service.
Additonally, because the keyring_file plugin uses a local file on the server, and you don't have access to the actual server's filesystem, it stands to reason that it is not supported.
I don't find a mention of it in the documentation.

I agree with Michael, Cloud SQL doesn't support SUPER privilege such as the "Unsupported features" section says in the link that he shared. Here is another link that I found that confirms this behavior.
Additionally, I found out that MySQL keyring is a "service that enables internal server components and plugins to securely store sensitive information for later retrieval.". With this in mind, I figured out in Cloud SQL FAQ some answers that can address your concern, basically your data is encrypted. For a detailed information, look for the questions:
Is my data encrypted?
How is encryption managed for data at rest?
How is encryption managed for data in transit?
Hope the information above help you.

Related

MySQL Azure Database | Enable mysqlx plugin

I am trying to enable the mysqlx plugin in my company's MySQL Azure database, so that I can use the JSON import utility in MySQL Shell.
The server version is 8.0, for which mysqlx is enabled by default. However, executing SHOW PLUGINS reveals that mysqlx is DISABLED:
mysqlx is disabled for the server
MySQL documentation states that this plugin can be enabled by executing -- mysqlx=ON in the MySQL shell, but for me this just returns the SyntaxError: Invalid left-hand side in assignment.
I also consulted this Stack Overflow page, but the proposed solution requires installing a file, which I do not have the permission to do, even though I am using the server admin account: Error Code: 1044. Access denied for user 'user'#'%' to database 'mysql'.
Any suggestions for how to activate this plugin would be appreciated!
It is not supported in Azure DB for MySQL today, I would recommend to upvote this item for product team to prioritize exposing this plugin
https://feedback.azure.com/d365community/idea/53d0aec7-482c-ed11-a81b-6045bd853c94

Heroku. MariaDB. Access denied for user

I'm creating new app on Heroku. Installed add-on "JawsDB Maria" successfully - I can open it's dashboard
In PHP on connection to DB I receive error:
SQLSTATE[HY000] [1044] Access denied for user 'vcgu1h273742rn5l'#'%' to database 'jeyx2j66ipgtqe11'
I'm sure that problem is not in PHP, because the same error I receive even on MariaDB dashboard trying to Create New Databite - https://prnt.sc/rj4dr4 .
Looks like solution is to GRANT ALL PRIVILEGES to user. But using dashboard I can't execute even SHOW GRANTS.
Questions:
Can somebody help how to solve this problem?
Or, at least, which way I can GRANT ALL PRIVILEGES?
I've tried:
read Heroku docs: JawsDB MySQL, PHP + DB
searching for similar problems in Heroku support, Google, SO:
the best match I found is here. But heroku pg:psql - it's tool only for PostgreSQL.
tried to find useful command for my case in Heroku CLI Commands
Additional info - I'm sure it is not important, but just in case it is:
project is based on Yii2
for easy deployment on Heroku installed "purrweb/yii2-heroku"
You probably know how to read your error message. At any rate, my superpower is explaining the obvious. So, ... here goes.
SQLSTATE[HY000] [1044] Access denied for user 'vcgu1h273742rn5l'#'%' to database 'jeyx2j66ipgtqe11'
Tells you your php program couldn't get to the MySQL server. That operation goes in these steps.
Make a TCP/IP network connection to the server. SUCCESS.
Present a user name and password to the server. SUCCESS.
But the server rejected those credentials. FAILURE
Access the database schema mentioned in the connect request. Not attempted yet. So we have no information about whether the named database actually exists.
The success of step 1 means there are no firewall or network-routing issues. That's good.
The success of step 2 gives us even more confidence about firewall issues.
The failure of step 3 tells us that we're not using a username and password that the MySQL server knows about.
Step 4 is incomplete. So, even if we fix the username and password issues, we still might get another issue before this mess is behind us.
Heroku assigns those usernames to their customers. So, check on the appropriate Heroku control panel to see whether you're using the right username / password credentials. Your error message says you've got wrong credentials.
Next step? Ask your vendor for help. Is Bruce Schneier is reading this? Maybe he can fix this for you from his earbuds while he's riding on the subway. But none of the rest of us here on SO can fix it.
I've waited for 8 hours, hoping there is some trigger, that will complete all necessary settings. But it didn't helped.
Then I reinstalled this add-on. And now all works fine!
So, that was some kind of "JawsDB Maria" bug.

MySQL 8.0.11 error connecting due to caching_sha2_password

When I try to connect to server on MySQL Workbench, I get the error saying
Your connection attempt failed to user 'root' from your host to server as localhost:3306:
Authentication plugin caching_sha2_password cannot be loaded:
The specified module could not be found.
It seems like I do not have the module for caching_sha2_password installed. How do I install this plugin?
I tried to follow steps provided here. But this is my first interaction with MySQL, so I did not understand the steps.
For example, under Using SHA-2 Pluggable Authentication, it says
"storing those values in the plugin and authentication_string columns of the > mysql.user system table."
But where is the mysql.user system table and how do I access it and store the values?
Any help would be greatly appreciated!
You are looking at the wrong places. The story is this:
MySQL 8 introduced a new authentication method: caching_sha2_password which improves performance (hence the caching) for a secure authentication (the sha2 hashing). This breaking change had been made the default for new accounts pretty late so that MySQL Workbench (and quite a number of other client tools) could not be made ready for it when MySQL 8.0.11 was released. Unprepared client applications/libraries will show the mentioned error.
Many of the socalled "solutions" simply recommend to switch the authentication method to the older, less secure one (MySQL native). This is rather a hack than a solution. And keep in mind this only applies to new accounts which by default use the new auth method. Existing accounts (e.g. when you upgrade an older server to 8.0) still work as before, unless you explicitly changed the user's auth method.
Meanwhile MySQL Workbench catched up here and there's a release candidate (MySQL Workbench 8.0.11 RC) available on the MySQL download page (see the "Development Releases" tab). Use that for your 8.x server. A GA version will follow soon.

Error No. 2058 Plugin authentication_windows_client could not be loaded: The specified module could not be found

MySQL has a plugin that allows user authentication against current user’s Windows credentials. The plugin is ‘authentication_windows.dll’.
I get the following error message from SQLyog:
Error No. 2058 Plugin authentication_windows_client could not be
loaded: The specified module could not be found.
The “authentication_windows_client” is a dll that is supposed to be loaded on the client side. Actually I think that SQLyog is looking for an older dll which has been replaced by MySQL with ‘libmysql.dll’.
How do I make SLQyog load the correct dll?
Sqlyog included clear text and dialog plugin but due to license issue the are not able to support window authentication plugin.
so either you may purchase the product or go for crack otherwise you cannot use sqlyog along side with mysql until someone is not cracking...
Error analysis
Error information translation:
"Plug-in Cache - SHA2_ Password Unable to load"
The reason is that the SQLYOG failed to correctly parse the use of the mysql password encryption method.
Solution
Log in to mysql in the CMD command line (need to configure environment variable in advance), perform the following code
Connect MySQL sheel to localserver
\connect root#localhost
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY 'your password';
This is for the root account, if other accounts also have the same problem, modify to correspond to the username and password, execute the statement

'MySQL server has gone away' and access denied when trying to change 'wait_timeout'

I am building a website using Flask (Python) and I have all the application files on my computer but I use an external host (InMotionHosting) for the MySQL database that probably has settings that I can't change.
The problem is that I very often get the error code:
OperationalError: (_mysql_exceptions.OperationalError) (2006,'MySQL server has gone away')
I think this is due to the short "wait_timeout" or/and the "connect_timeout" variables that I can't change.
GLOBAL VARIABLES:
wait_timeout=30
connect_timeout=10
max_allowed_packet=5242880
SESSION VARIABLES:
wait_timeout=610
max_allowed_packet=5242880
set global wait_timeout=600;
Error Code: 1227. Access denied; you need (at least one of) the SUPER privilege(s) for this operation
Is there something I can do by myself or is this something I need to ask the host about? (I am a completely self thought newbie so would appreciate as educational answers as possible besides plain instructions if there is something I can do by myself. Thanks a lot!)
EDIT:
As this is a shared hosting I can't change the MySQL settings and I need to find a way to solve the problem by changing my Flask app code.