Skip to content

Add note about default-auth for MySQL 8.0 clients (#3969) #3989

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jul 17, 2020
Merged

Add note about default-auth for MySQL 8.0 clients (#3969) #3989

merged 3 commits into from
Jul 17, 2020

Conversation

@ti-srebot
Copy link
Contributor

@ti-srebot ti-srebot commented Jul 17, 2020

cherry-pick #3969 to release-3.1

What is changed, added or deleted? (Required)

Which TiDB version(s) do your changes apply to? (Required)

The MySQL command line client (mysql) as well as the libmysqlclient client library have changed their default authentication plugin. See https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html#upgrade-caching-sha2-password for more information about that change.

It's no longer possible to connect to a TiDB Server using those clients if the user account has a password set, unless the default-auth=mysql_native_password option is used.

This behavior can be seen in this example:

mysql> create user myuser identified by 'password';
Query OK, 0 rows affected (0.05 sec)

$ mysql --version
mysql  Ver 8.0.19 for osx10.15 on x86_64 (Homebrew)

$ mysql -u myuser -ppassword
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'myuser'@'127.0.0.1' (using password: NO)

Note that the error message says "using password: NO", even though a password is given on the command line.

The --default-auth=mysql_native_passwword option allows the connection to succeed:

$ mysql -u myuser -ppassword --default-auth=mysql_native_password -e 'select version()'
mysql: [Warning] Using a password on the command line interface can be insecure.
+------------------------------------------+
| version()                                |
+------------------------------------------+
| 5.7.25-TiDB-v4.0.0-beta.2-443-ge0ec3e3ca |
+------------------------------------------+

This patch makes several updates to pages in the documentation that deal with MySQL compatibility, setting passwords, and connecting to TiDB using MySQL clients.

  • master (the latest development version)
  • v4.0 (TiDB 4.0 versions)
  • v3.1 (TiDB 3.1 versions)
  • v3.0 (TiDB 3.0 versions)
  • v2.1 (TiDB 2.1 versions)

What is the related PR or file link(s)?

@TomShawn @ti-srebot
cherry pick pingcap#3969 to release-3.1
a167d91 
Signed-off-by: ti-srebot <ti-srebot@pingcap.com>
@ti-srebot ti-srebot mentioned this pull request Jul 17, 2020
Merged
5 tasks
@ti-srebot ti-srebot added the type/cherry-pick-for-release-3.1 This PR is cherry-picked to release-3.1 from a source PR. label Jul 17, 2020
@ti-srebot ti-srebot requested review from jackysp and yikeke July 17, 2020 06:09
@ti-srebot
Copy link
Contributor Author

ti-srebot commented Jul 17, 2020

@TomShawn please accept the invitation then you can push to the cherry-pick pull requests.
https://github.com/ti-srebot/docs-cn/invitations

TomShawn
TomShawn reviewed Jul 17, 2020
View reviewed changes
TomShawn
TomShawn approved these changes Jul 17, 2020
View reviewed changes
Copy link
Contributor

@TomShawn TomShawn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ti-srebot ti-srebot added the status/LGT1 Indicates that a PR has LGTM 1. label Jul 17, 2020
@TomShawn TomShawn merged commit 9b29c5b into pingcap:release-3.1 Jul 17, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jackysp jackysp Awaiting requested review from jackysp

@yikeke yikeke Awaiting requested review from yikeke

1 more reviewer

@TomShawn TomShawn TomShawn approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@TomShawn TomShawn

Labels

status/LGT1 Indicates that a PR has LGTM 1. type/cherry-pick-for-release-3.1 This PR is cherry-picked to release-3.1 from a source PR.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ti-srebot @TomShawn