1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
|
set global secure_auth=0;
create user natauth@localhost identified via 'mysql_native_password' using '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
create user invalidauth@localhost identified via 'mysql_native_password' using 'invalid';
create user newpass@localhost identified by password '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
create user invalidpass@localhost identified by password 'invalid';
create user newpassnat@localhost identified via 'mysql_native_password';
set password for newpassnat@localhost = '*94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29';
create user invalidpassnat@localhost identified by password 'invalid';
set password for invalidpassnat@localhost = 'invalid';
create user oldauth@localhost identified with 'mysql_old_password' using '378b243e220ca493';
create user oldpass@localhost identified by password '378b243e220ca493';
create user oldpassold@localhost identified with 'mysql_old_password';
set password for oldpassold@localhost = '378b243e220ca493';
select user, host, password, plugin, authentication_string from mysql.user where user != 'root';
User Host Password plugin authentication_string
invalidauth localhost invalid mysql_native_password invalid
invalidpass localhost invalid mysql_native_password invalid
invalidpassnat localhost invalid mysql_native_password invalid
mariadb.sys localhost mysql_native_password
natauth localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 mysql_native_password *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29
newpass localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 mysql_native_password *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29
newpassnat localhost *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29 mysql_native_password *94BDCEBE19083CE2A1F959FD02F964C7AF4CFC29
oldauth localhost 378b243e220ca493 mysql_old_password 378b243e220ca493
oldpass localhost 378b243e220ca493 mysql_old_password 378b243e220ca493
oldpassold localhost 378b243e220ca493 mysql_old_password 378b243e220ca493
connect con,localhost,natauth,test,;
select current_user();
current_user()
natauth@localhost
disconnect con;
connect con,localhost,newpass,test,;
select current_user();
current_user()
newpass@localhost
disconnect con;
connect con,localhost,newpassnat,test,;
select current_user();
current_user()
newpassnat@localhost
disconnect con;
connect con,localhost,oldauth,test,;
select current_user();
current_user()
oldauth@localhost
disconnect con;
connect con,localhost,oldpass,test,;
select current_user();
current_user()
oldpass@localhost
disconnect con;
connect con,localhost,oldpassold,test,;
select current_user();
current_user()
oldpassold@localhost
disconnect con;
connection default;
flush privileges;
connect con,localhost,natauth,test,;
select current_user();
current_user()
natauth@localhost
disconnect con;
connect con,localhost,newpass,test,;
select current_user();
current_user()
newpass@localhost
disconnect con;
connect con,localhost,newpassnat,test,;
select current_user();
current_user()
newpassnat@localhost
disconnect con;
connect con,localhost,oldauth,test,;
select current_user();
current_user()
oldauth@localhost
disconnect con;
connect con,localhost,oldpass,test,;
select current_user();
current_user()
oldpass@localhost
disconnect con;
connect con,localhost,oldpassold,test,;
select current_user();
current_user()
oldpassold@localhost
disconnect con;
connection default;
set password for natauth@localhost = PASSWORD('test2');
set password for newpass@localhost = PASSWORD('test2');
set password for newpassnat@localhost = PASSWORD('test2');
set password for oldauth@localhost = PASSWORD('test2');
set password for oldpass@localhost = PASSWORD('test2');
set password for oldpassold@localhost = PASSWORD('test2');
select user, host, password, plugin, authentication_string from mysql.user where user != 'root';
User Host Password plugin authentication_string
invalidauth localhost invalid mysql_native_password invalid
invalidpass localhost invalid mysql_native_password invalid
invalidpassnat localhost invalid mysql_native_password invalid
mariadb.sys localhost mysql_native_password
natauth localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E
newpass localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E
newpassnat localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E
oldauth localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E
oldpass localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E
oldpassold localhost *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E mysql_native_password *7CEB3FDE5F7A9C4CE5FBE610D7D8EDA62EBE5F4E
connect con,localhost,natauth,test2,;
select current_user();
current_user()
natauth@localhost
disconnect con;
connect con,localhost,newpass,test2,;
select current_user();
current_user()
newpass@localhost
disconnect con;
connect con,localhost,newpassnat,test2,;
select current_user();
current_user()
newpassnat@localhost
disconnect con;
connect con,localhost,oldauth,test2,;
select current_user();
current_user()
oldauth@localhost
disconnect con;
connect con,localhost,oldpass,test2,;
select current_user();
current_user()
oldpass@localhost
disconnect con;
connect con,localhost,oldpassold,test2,;
select current_user();
current_user()
oldpassold@localhost
disconnect con;
connection default;
flush privileges;
connect con,localhost,natauth,test2,;
select current_user();
current_user()
natauth@localhost
disconnect con;
connect con,localhost,newpass,test2,;
select current_user();
current_user()
newpass@localhost
disconnect con;
connect con,localhost,newpassnat,test2,;
select current_user();
current_user()
newpassnat@localhost
disconnect con;
connect(localhost,invalidauth,invalid,test,MASTER_PORT,MASTER_SOCKET);
connect con,localhost,invalidauth,invalid,;
ERROR 28000: Access denied for user 'invalidauth'@'localhost' (using password: YES)
connect(localhost,invalidpass,invalid,test,MASTER_PORT,MASTER_SOCKET);
connect con,localhost,invalidpass,invalid,;
ERROR 28000: Access denied for user 'invalidpass'@'localhost' (using password: YES)
connect(localhost,invalidpassnat,invalid,test,MASTER_PORT,MASTER_SOCKET);
connect con,localhost,invalidpassnat,invalid,;
ERROR 28000: Access denied for user 'invalidpassnat'@'localhost' (using password: YES)
connect con,localhost,oldauth,test2,;
select current_user();
current_user()
oldauth@localhost
disconnect con;
connect con,localhost,oldpass,test2,;
select current_user();
current_user()
oldpass@localhost
disconnect con;
connect con,localhost,oldpassold,test2,;
select current_user();
current_user()
oldpassold@localhost
disconnect con;
connection default;
drop user natauth@localhost, newpass@localhost, newpassnat@localhost;
drop user invalidauth@localhost, invalidpass@localhost, invalidpassnat@localhost;
drop user oldauth@localhost, oldpass@localhost, oldpassold@localhost;
set global secure_auth=default;
# switching from mysql.global_priv to mysql.user
create user foo@localhost identified with mysql_native_password;
update mysql.user set authentication_string=password('foo'), plugin='mysql_native_password' where user='foo' and host='localhost';
set password for 'foo'@'localhost' = password('bar');
flush privileges;
connect foo, localhost, foo, bar;
select user(), current_user();
user() current_user()
foo@localhost foo@localhost
show grants;
Grants for foo@localhost
GRANT USAGE ON *.* TO `foo`@`localhost` IDENTIFIED BY PASSWORD '*E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB'
disconnect foo;
connection default;
select user,host,password,plugin,authentication_string from mysql.user where user='foo';
user host password plugin authentication_string
foo localhost mysql_native_password *E8D46CE25265E545D225A8A6F1BAF642FEBEE5CB
set password for 'foo'@'localhost' = '';
select user,host,password,plugin,authentication_string from mysql.user where user='foo';
user host password plugin authentication_string
foo localhost mysql_native_password
drop user foo@localhost;
# switching back from mysql.user to mysql.global_priv
|
