Skip to content

Add note about default-auth for MySQL 8.0 clients (#2669) #2741

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 9, 2020
Merged

Add note about default-auth for MySQL 8.0 clients (#2669) #2741

merged 1 commit into from
Jun 9, 2020

Conversation

@sre-bot
Copy link
Contributor

@sre-bot sre-bot commented Jun 9, 2020

cherry-pick #2669 to release-2.1

What is changed, added or deleted? (Required)

The MySQL command line client (mysql) as well as the libmysqlclient client library have changed their default authentication plugin. See https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html#upgrade-caching-sha2-password for more information about that change.

It's no longer possible to connect to a TiDB Server using those clients if the user account has a password set, unless the default-auth=mysql_native_password option is used.

This behavior can be seen in this example:

mysql> create user myuser identified by 'password';
Query OK, 0 rows affected (0.05 sec)

$ mysql --version
mysql  Ver 8.0.19 for osx10.15 on x86_64 (Homebrew)

$ mysql -u myuser -ppassword
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'myuser'@'127.0.0.1' (using password: NO)

Note that the error message says "using password: NO", even though a password is given on the command line.

The --default-auth=mysql_native_passwword option allows the connection to succeed:

$ mysql -u myuser -ppassword --default-auth=mysql_native_password -e 'select version()'
mysql: [Warning] Using a password on the command line interface can be insecure.
+------------------------------------------+
| version()                                |
+------------------------------------------+
| 5.7.25-TiDB-v4.0.0-beta.2-443-ge0ec3e3ca |
+------------------------------------------+

This patch makes several updates to pages in the documentation that deal with MySQL compatibility, setting passwords, and connecting to TiDB using MySQL clients.

Which TiDB version(s) do your changes apply to? (Required)

  • master (the latest development version)
  • v4.0 (TiDB 4.0 versions)
  • v3.1 (TiDB 3.1 versions)
  • v3.0 (TiDB 3.0 versions)
  • v2.1 (TiDB 2.1 versions)

If you select two or more versions from above, to trigger the bot to cherry-pick this PR to your desired release version branch(es), you must add corresponding labels such as needs-cherry-pick-4.0, needs-cherry-pick-3.1, needs-cherry-pick-3.0, and needs-cherry-pick-2.1.

What is the related PR or file link(s)?

  • This PR is translated from:
  • Other reference link(s):

@sre-bot
cherry pick pingcap#2669 to release-2.1
8424c31 
Signed-off-by: sre-bot <sre-bot@pingcap.com>
@sre-bot sre-bot mentioned this pull request Jun 9, 2020
Merged
5 tasks
@sre-bot sre-bot added the type/cherry-pick-for-release-2.1 This PR is cherry-picked to release-2.1 from a source PR. label Jun 9, 2020
@sre-bot sre-bot requested review from jackysp, lilin90 and yikeke June 9, 2020 03:53
@yikeke
Copy link
Contributor

yikeke commented Jun 9, 2020

/merge

@sre-bot sre-bot added the status/can-merge Indicates a PR has been approved by a committer. label Jun 9, 2020
@sre-bot
Copy link
Contributor Author

sre-bot commented Jun 9, 2020

/run-all-tests

@sre-bot sre-bot merged commit 8d1070f into pingcap:release-2.1 Jun 9, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jackysp jackysp Awaiting requested review from jackysp

@lilin90 lilin90 Awaiting requested review from lilin90

1 more reviewer

@yikeke yikeke yikeke approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@kolbe kolbe

Labels

status/can-merge Indicates a PR has been approved by a committer. type/cherry-pick-for-release-2.1 This PR is cherry-picked to release-2.1 from a source PR.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sre-bot @yikeke @kolbe