"Authentication plugin 'caching_sha2_password' - mysql

I'm new to MySql environment and installed :
MySQL with the following commands:
sudo apt-get update
sudo apt-get install mysql-server
mysql_secure_installation
and also installed mysql workbench.
But when I'm trying to connect my localhost getting the follow error:
"Authentication plugin 'caching_sha2_password' cannot be loaded: /usr/lib/mysql/plugin/caching_sha2_password.so: cannot open shared object file: No such file or directory"
and even this is the first time I'm posting a question in stackoverflow, sorry for my presentation errors and syntax.

So I found the reason for that error message (at least for my case).
It's because MySQL as of version 8.04 and onwards uses caching_sha2_password as default authentication plugin where previously mysql_native_password has been used.
This obviously causes compatibility issues with older services that expect mysql_native_password authentication.
Solutions:
Check for an updated version of the client service you are
using (most recent workbench for instance).
Downgrade the MySQL Server to a version below that change.
Change the authentication plugin on a per user basis (I didn't find a global option, maybe there exists one though).
Now regarding option 3 this is as simple as altering the user:
ALTER USER user
IDENTIFIED WITH mysql_native_password
BY 'pw';
or when creating the user:
CREATE USER 'username'#'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
See MySQL Server Blog
See Oracle

Some more details coming here:
That caching_sha2_password plugin is the new default authentication plugin on MySQL 8 server. Only the libmysql library from that MySQL 8 distribution owns this plugin, and it is built statically into libmysql - the C-connector for various clients. That caching_sha2_password is not available separately for downloading.
This is the very first time that libmysql has an important plugin statically included. And this causes any other libmysql (including libmariadb and also older libmysql's) not to connect to MySQL 8 with a user which is defined to use that caching_sha2_password authentication.
I just hope that the guys from MariaDB are so nice to also include that caching_sha2_password in their libmariadb, to restore the drop-in-compatibility between MySQL and MariaDB.
From MySQL's server blog:
Support for caching_sha2_password was added in MySQL 8.0.3. Older
versions of libmysqlclient do not support this plugin. So, although
client tools that use libmysqlclient older than one available with
MySQL 8.0.3 can connect to MySQL 8.0.4 server using users that use
other authentication plugins such as mysql_native_password or
sha256_password, such client cannot connect to MySQL 8.0.4 server
using users which require caching_sha2_password support. For an
upgraded database, it means connecting using an existing user account
should not face any issues.

In the my.cnf file add the following line:
default-authentication-plugin=mysql_native_password
then restart the server.

The latest MYSQL versions have 'caching_sha2_password' as the default authentication type. Which does not allow remote connections to MYSQL and results in caching_sha2_password plugin error.
I have fixed it using
ALTER USER 'yourusername'#'localhost' IDENTIFIED WITH mysql_native_password BY 'yourpassword';
Now it allows your user to access MySQL from localhost.
If you want to access MySQL from multiple remote hosts then do the following,
**
ALTER USER 'yourusername'#'%' IDENTIFIED WITH mysql_native_password BY
'youpassword';
**
After every alter command in SQL run the following to take effect.
FLUSH PRIVILEGES;
OR restart MySQL server

Login to Mysql or your workbench, and run the following statement for any user who has this issue:
alter USER 'YOURUSERFORMYSQL'#'localhost' identified with mysql_native_password by 'YOURPASSWORD'
In case you did not create the user yet, you can activate this feature during the user creation.
create USER 'NEWUSER'#'localhost' identified with mysql_native_password by 'NEWPASSWORD'

Related

Authentication plugin 'caching_sha2_password' is not supported using Flask-Sqlalchemy and MySQL

I'm connecting to MySQL (8.0) database with Flask here's the error:
Authentication plugin 'caching_sha2_password' is not supported
I created the database 'user' by this sql command:
ALTER USER 'my_user'#'localhost' IDENTIFIED WITH mysql_native_password BY 'password';
flush privileges;
quit;
I keep getting the same error though. How can I address this?
I suspect the legacy plugin can no longer be used as I tried to include it in my.cnf file and the MySQL server failed to start after relaunch.
Using this uri helped in my case:
'mysql+mysqlconnector://user:password#localhost/db?auth_plugin=mysql_native_password'

installing legacy mysql for older version of Rails

I need to run an old Rails 4.0 application with mysql and its related data. Rails gem is mysql2 (0.4.2) Database data is coming from a server versions 5.6.44
bash_profile has
export PATH="/usr/local/opt/mysql#5.6/bin:$PATH"
bundle install process completes as expected, but when launching the server, the connection to the database is failing
rbenv/versions/2.2.10/lib/ruby/gems/2.2.0/gems/mysql2-0.4.2/lib/mysql2/client.rb:87:in `connect': Access denied for user
I attempt to adjust my connection mechanism by the sql command:
ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY '<password>';
however, upon:
sudo mysql
Password:
ERROR 2059 (HY000): Authentication plugin 'caching_sha2_password' cannot be loaded: dlopen(/usr/local/Cellar/mysql#5.6/5.6.47/lib/plugin/caching_sha2_password.so, 2): image not found
So it appears I am in a sort of logical loop as there is no plugin download for the caching_sha2_password
What is the way out of this?
Bottom line: In this context, the following cannot be executed
create user 'USER_NAME'#'localhost' identified by 'PASSWORD';
as Homebrew has versions 5.6, 5.7 and 8.0 but ones where the set-up requires the caching_sha2_password plugin (introduced sometime during the 5.6 cycle apparently). Although root has no password, one cannot login as root mysql -uroot for this very reason.
Once it is accepted that this is a damned-if-you-do, damned-if-you-don't situation, time to move unconventionally...
I attempted to install both 5.6 and 8.0 via homebrew to import the mysql database under 8, but access it as 5.6. Whale fail. Exact same behaviour: root invariably needs access via sha2_password.
Solution
the mysql2 gem requires a version to hook up to. Given the version on the application 0.4.2, this meant
brew install mysql#5.6
go to https://downloads.mysql.com and find the appropriate community server installer for the OS to run on. Install. This application will allow root to login.
But now the connection to the database has to be the one to the downloaded application, not the homebrew keg (that's there to allow the application's gem to run). So the .bash_profile needs to have
export PATH=$PATH:/usr/local/mysql/bin
which points to the installed version rather than the homebrew one.
Now:
create user 'deploy'#'localhost' identified by 'some_nasty_string';
bundle exec rails db < my_db.sql
rails s
Get on with working.
One could also ponder about the interestingly seamless consequence of importing a mysql 5.6 database into 8.0
[Posted for anyone who has to dig up old material and make it evolve & to remember these hoops.]

Sequelize does not suport the MySQL 8 autentication protocol and I'm not getting how to change this protocol

I'm trying to migrate a db with Sequelize working with MySQL 8.0.15, but I'm not able to do that. I keep receiving this error message.
Sequelize CLI [Node: 10.15.0, CLI: 5.4.0, ORM: 5.3.5]
Loaded configuration file "config/config.json".
Using environment "development".
ERROR: Client does not support authentication protocol requested by server; consider upgrading MySQL client
I've tried every single solution for this problem. The thing is when i try to change the MySQL root password the message i get is this one:
ERROR 1819 (HY000): Your password does not satisfy the current policy requirements
Then I did try to change the password validate policy following this procedure
https://dev.mysql.com/doc/refman/5.6/en/validate-password-installation.html
then MySQL crashed cause it's deprecated. Then I tried this one
https://dev.mysql.com/doc/refman/8.0/en/validate-password-installation.html
Then I got this
mysql> INSTALL COMPONENT 'file://component_validate_password';
ERROR 3529 (HY000): Cannot load component from specified URN:
'file://component_validate_password'.
Then I checked where the component is
ls /usr/lib64/mysql/plugin/component_v*
/usr/lib64/mysql/plugin/component_validate_password.so
Anyone can help? I'm realy out of options, now!
Thanks in advance
If you want to use MySQL 5.x style authentication, typically all you have to do is add this to your my.cnf:
[mysqld]
default_authentication_plugin=mysql_native_password
Do this before adding any users. Only use users for connecting via Sequelize, never root.
If you are using MySQL 8.0 then https://dev.mysql.com/doc/refman/5.6/en/validate-password-installation.html then this shouldn't work.
Have used mysql_secure_installation and installed the validate_password_component then?
If yes, in that case, the plugin must already be installed and all you need to do is set validate_password related parameters in the options file (default /etc/my.cnf) and some options require a server restart.
For those who cannot edit system variables (for instance, if you're using a managed database in AWS or DigitalOcean), this works as well:
ALTER USER 'foo'#'bar' IDENTIFIED WITH mysql_native_password BY 'password';
flush privileges;
Or, if you cannot run flush privileges; like me:
DROP USER 'foo'#'bar';
CREATE USER 'foo'#'bar' IDENTIFIED WITH mysql_native_password BY 'password';
GRANT INSERT, SELECT, ... ON mydb.* TO 'foo'#'bar';

Brew MySQL version 8.0.12 Sequel Pro connection failure

I'm getting the exact same problem as this question. The problem is that the solution isn't really organized to be easily understandable in my situation.
MySQL said: Authentication plugin 'caching_sha2_password' cannot be loaded: dlopen(/usr/local/mysql/lib/plugin/caching_sha2_password.so, 2): image not found
I don't have anything to initialize the DB in macs system preferences. The second answer says:
Go to my.cnf file and in section [mysqld] add line:
default-authentication-plugin=mysql_native_password
Login to mysql server from terminal: run mysql -u root -p, then inside shell execute this command: ALTER USER 'root'#'localhost' IDENTIFIED WITH mysql_native_password BY '[password]';
exit from mysql shell with exit and run sudo service mysqld restart
The information given as to where to find my.cnf is found in this post and states:
mysql --help
Default options are read from the following files in the given order:
/etc/my.cnf /etc/mysql/my.cnf /usr/etc/my.cnf ~/.my.cnf
The following groups are read: mysql client
The following options may be given as the first argument:
--print-defaults Print the program argument list and exit.
--no-defaults Don't read default options from any option file.
--defaults-file=# Only read default options from the given file #.
--defaults-extra-file=# Read this file after the global files are read.
It looks like there are three areas where the my.cnf file is and I have no idea what one to edit, or how I should edit it.
Another solution I have found is from this thread:
After installing MySQL, authenticate using the CLI e.g
mysql -uroot
Then run the following command to use the old authentication method:
ALTER USER root#localhost IDENTIFIED WITH mysql_native_password BY 'PASSWORD';
Lastly, flush the privileges:
FLUSH PRIVILEGES;
Now you should able to connect using SequelPro again (using the specified password).
The second solution is reported to cause sequel pro to crash by multiple users in the answers comments, so I'm guessing it's hacky.
How do I connect mysql ver 8.0.12 to sequel pro? Should I just use another GUI? It seems this problem happens with workbench as well
Just incase it gets asked I'm using Mac OSX Sierra 10.13.5
Here is what worked for me on macOS Mojave (10.14.3) with brew installed mysql 8.
1) Add this line to my.cnf located in /usr/local/etc
default-authentication-plugin=mysql_native_password
2) Connect to your running mysql server on the command line as root user and then enter:
ALTER USER 'root'#'localhost'
IDENTIFIED WITH mysql_native_password
BY 'password';
replace 'password' with the root password for your mysql server.
3) Just to be sure all the changes are picked up be the mysql server I restarted the server.
These instructions were taken from the mysql.com documentation which you can find here:
https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html#upgrade-caching-sha2-password-compatible-connectors

Showing access denied for the users created with auth_pam plugin(Percona pam for mysql)

I have installed the percona pam for mysql plugin in my mysql sever. I am using a ubuntu 12.04 OS. Created users using the following commands:
CREATE USER 'apuser'#'%'IDENTIFIED WITH auth_pam;
CREATE USER 'apuser'#'localhost'IDENTIFIED WITH auth_pam;
GRANT ALL PRIVILEGES ON *.* TO apuser'#'%';
GRANT ALL PRIVILEGES ON *.* TO apuser'#'localhost';
I have changed the my.cnf to load the plugin and also created a PAM configuration file mysql as per the documentation of configuring percona pam for mysql.
Still I am not able to login to my mysql with the login credentials apuser to it.
It is showing access denied to apuser#localhost.
it sounds you can run query with other login.
please run "select user, host, plugin from mysql.user;" .
User 'apuser' should appear with 'auth_pam' in plugin column.
PAM provides the external authentication which enables mysql to accept connections defined outside mysql. It uses your other credentials like unix password or active directory credentials to authenticate mysql login . Hence any user other then the one used to login machine wont be able to login mysql. You must create user with name which is same to login your machine. Now you can access mysql with login-password of machine.
Hope it helps you.
Thanks.