MYSQL :: Encryption / Authentication

SSL Encryption
is it true, that MySQL 4.x can do SSL encrypted connections only with
a server AND a client certificate? I've got a working SSL connection
if I use both, mysqld and mysql with certificate, key and
ca-certificate. How can I use SSL if the mysql client must not have
access to the private key? Any help or links to a good documentation
is welcome.

Encryption
Can anyone advise whether its possible to use the Encode/Decode functions on Windows (Win2K) platform in Mysql & PHP.
A book i'm using says they cannot be used in windows yet i've managed to get my application successfully Encoding a password at the time of using an, 'Insert INTO' qry - its stored ok as a BLOB (field was set-up as a BLOB). Problem is i cannot use the DECODE() to reverese things. When tried i get a 'cannot excecute query' type mssg.
Looked at MD5 and SHA1 but they are one-way funcs only.
I like the look of AES and DES ENCRYPT/DECRYPT but can't get them to work either.

Using AES_ENCRYPT For 256 Bit Encryption
I just started using AES_ENCRYPT to encrypt records in my databases. For the most part, the default 128 bit encryption is fine. But, I would like to use 256 bit for one of my forms. According to the MySQL documentation you can use the function for either 128 or 256 but I don't understand how to get it to do 256.

The documentation says:"Encoding with a 128-bit key length is used, but you can extend it up to 256 bits by modifying the source." - http://dev.mysql.com/doc/refman/4.1/...functions.html

What source do I have to modify to get it to use 256?

Looking For Encryption Tool
I have a prospect that needs to collect sensitive personal data via the web
for mortgage applications. A certificate & SSL seems to protect the data
from the browser to the server, but I need some way to encrypt the data for
storage in mysql and (possibly) into a flat file for retrieval by the
prospect. I have not been able to find a simple solution for this
compatible with BSD and Apache.

Securing My DB With Encryption
I have set up two tables in our DB, and we want to add a third, but this one is credit card info, and need to be secured. What's the best way to do it by encryption?

Password Encryption
What I'd like to do is have an html login page using php to process the request, and then compare the input strings to a username & password stored in a SQL table.

My question is though, what is the best way to store the password in the mySQL table. Is it better to store it as an encrypted value, and can I do this?

Password Encryption
currently using mysql with c# coding.
I need to know how do i encrypt password so that it will not show the password
in plain text when i access the database.

AES Encryption/Decryption
I have a questiosn regarding AES Encryption/Decryption.

I understand the basics of how it works however i am stumped.

What i am currently trying to do it have a table that contains user information. Now when an authenticated user views this information they are showing all there details in plain text.

Thats fine but what i require is a master key so that if need be the system admin will be able to decrypt any data in the mysql db using there master key.

Is there anyway to do this? either by design or code.

Data Encryption
I am using MySQL on a Windows XP system. I was wondering if there is anyway that I could use OpenSSL (I currently have beta 6 on a dev machine) with MySQL on Windows XP?

Password Encryption
When adding a password entry to a database I believe you can encrypt its value using PASSWORD(str) but could someone please confirm what data type I should use for the column in which it is stored?

Encryption And Decryption
i need a solution to the following requirement
There is a column, for which data should be encrypted in the database, something
like password, where the actual data should not be displayed when i say
select * from tablename, instead, the encrypted text should be displayed, and
that text need to be decrypted again, can anyone please tell me how to do it
front end is java

Need To Modify Input For Encryption
I encrypted a database field using MySQL AES_ENCRYPT() from a command prompt.

I can easily decrypt it because the code specifies a Query but the INSERT is an ADODB insert (see below):

PHP

runQuery($db ->GetInsertSQL($rs, $_POST, true));

I need to AES_ENCRYPT one of the $POST fields before it goes into this but I don't see how? Mcrypt is not installed on server so MySQL functions are what I need to use.

Credit Card Encryption
I am just having my first experience with storing credit card details into a mysql database with php. I am on a ssl server of course and everything works fine but I am interested in any other security recomendations.

Currently CC details are stored directly into the database as they were typed, should I be encrypting the CC details with mcrypt_enrypt() before storing them and then dectypt them when displaying on the "view card details page"?

Securing The AES Encryption Key Using Windows EFS?
I'm planning on using AES encryption methods which require an encryption key. I don't want to store this key as a string literal within my Java front-end web application because of the security risk associated with reverse engineering the Java .class files and obtaining the AES encryption key.

I was thinking of storing the AES encryption key in a file, and then reading this key from the Java application to use within the AES_ENCRYPT function. The file would be encrypted using Windows Encryption File System (EFS) since I'm deploying on a Windows server.

Benefits I see to this approach are that the AES encryption key is stored separate from the .java application, and the file containing the key is encrypted to everyone except the Windows account that encrypted the file.

The drawbacks are the application needs to have rights to accesss the file, the protection of the key now hinges on the Windows Account used to encrypt the file (if that is compromised then the key could be discovered); also, I need to further research where the private key used to encrypt the file is stored on Windows and how secure that is.

Login / Password Encryption
i am trying to create a very simple login system. all it does it input user data including a password and then when logging it it compares user name and password entered to find the user id (if exists) and then says you are logged in if a result was found. my problem is no results are ever found.

i have found that no matter what i do the password() function never returns the same value when im trying to select a user id with password=password('$inputedpassword') in the query to look up the user id.

so basically when i register the password is turned into a mess with password(), but wheni log in and use the same password() on it, it gives me something different.

BUT if i register under another user name and then use the same password, password() will give me the same mess (i checked this in the databse).

so i dont know why password() wont do the same thing when im using it in the query in login.php so that i can compare the passwords correctly. the only way i've been able to get this to login is to not encrypt anything. i have tried using md5 but that is giving me this same problem too. Code:

MySQL Logging And Encryption
If logging is turned on, is there a way to disable it for a given query?

IE. If I query --> select AES_ENCRYPT("This is very important data",
"lessthansecretkey");

Then my key and the value I'm trying to encrypt is visible in the log
files.

Encryption Of User / Pass In Odbc.ini / Alternatives
Does anyone know of a more secure way than storing the username and password
to the database connection within the odbc.ini ? We are using PHP on one
server connecting to a MySQL 4.0 database ?

Authentication
I'm new with mysql and I feel very stupid for having to ask this but I'm trying to program against it and I don't know what my username and pw are. When I installed it, I put in a pw so I'm pretty sure I know what that is, but what is the username I should be using when trying to execute sql commands against it with php?

Authentication
Is there any config file or update to have MySQL use HPUX authentication or NT authentication. for the Windows apps. (Query browser and MySQL Administrator)

Authentication
i want to make a user that can only see one database here with a seperate limited access.

Authentication
I am trying to set the root password, but all I get is:

$ ./mysqladmin -u root password <newpassword>
./mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user 'root'@'localhost' (using password: NO)'

I have no problems connecting like this:

./mysql -u mysql

In the latter case, I cannot do anything. For example

mysql> CREATE DATABASE one;
ERROR 1044 (42000): Access denied for user ''0'localhost' to database 'MoonlightDB'

Slow Authentication
MySQL V 5.0.18 on SUSE 10.1

I'm not a complete *nix noob, but I sure as hell ain't a *nix or MySQL pro.

This is a new installation. Everything screaming fast. Unless it deals w/authentication.

Try to get in w/SQLyog from W2K locally ... intitial connection takes ~20 seconds. Then everything screaming fast.

Web Server (W03) attempts to connect via MyODBC ... same result ... initial connection takes ~20 seconds. Subsequent queries screaming fast.

VNC into the box at any time ... everything fast. (would seem to eliminate network/connection issues)

Authentication To MySQL
i have one problem with l'authentication to the MySQL;
I am using the language Java and i access to the data-base in following

db = DriverManager.getConnection("jdbc:mysql://localhost:3306/" +
nomeDB + "?user=" + nomeUtente + "&password=" + pwdUtente);

but I do not want insert pwdUtente and nomeUtente in the source-code,
What can i do?

User Authentication
I do know how to create user logins and such.what I need to know is once a user logs in and submits his data (CSV) to Mysql DB,how do i ensure that the data goes into his account.In other words,whats the best way to manage user accounts and control the data that goes into that.

Windows Authentication
I would like to a Windows Authentication with MySQL (similar to the Windows Authentication available for SQL Server).

Does anyone knows how it can be done?

Authentication Protocol
I am trying to run an application using MySQL as a DB, but i am receiving the following error message:
"Client does not support authentication protocol requested by server; consider upgrading MySQL client"
I am using MySQL Client Version 5.0.11
Could someone tell how can I fix this issue.

MySQL And PHP Authentication
I'm getting the following error while trying to connect via php to an existant mysql (local) server:

Warning: mysql_connect(): Client does not support authentication protocol requested by server; consider upgrading MySQL client.
I have latest PHP and MySQL installed.

This seems like the password problem (new password system now) the older was 16 bits right? Thing is... My PHP should support this, its 5.x and I have latest mysql as well.

Authentication Protocol
You have no license for using PerlDesk! DBI connect('perldb:localhost','webuser',...) failed: Client does not support authentication protocol requested by server; consider upgrading MySQL client at lib/PerlDesk/App.pm line 408 Compilation failed in require at lib/PerlDesk/App/License.pm line 3. BEGIN failed--compilation aborted at lib/PerlDesk/App/License.pm line 3. Compilation failed in require at lib/PerlDesk/App/Installer.pm line 9. Compilation failed in require at C:/Program Files/Apache Group/Apache2/cgi-bin/install.cgi line 25.

Windows Authentication
Can MySQL use windows authentication?
If so, what are the changes to the connection string for this?

Authentication Protocol
I am running winXP, mysql, vb 6.0/vbscript.
when i connect through odbc it gave me the following error.
Run-time error'-2147467259 (800004005)
[MySQL][ODBC 3.51 Driver] Client does not support authentication protocol requested by server; consider upgrading MySQL Client

When i connect this mysql with vb 6.0/vbscript in windows 98 it runs perfectly.

Passwords / Authentication
I have just started messing around with MySQL and something I find weird is that we connecting using localhost, if I supply the password, it will not authenticate...if I leave the password off, it's fine.If I connect from another machine, it requires the password or it will not authenticate.Is that normal?

Authentication Protocol
I recently had a crash with MySQL-Max 4.0.5beta in the Windows 2000 Server inviroment. I uninstalled it completely and salvaged the DATA directories. So i decided to go ahead and upgrade the MySQL to Server 4.1.7. But now I get an error message from all my scripts that tell me the following.
Warning: mysql_connect(): Client does not support authentication protocol requested by server; consider upgrading MySQL
Can some one please assist me in fixing this matter. I am very limited in MySQL and have done hours of research trying to fix this matter.

Support Authentication
i have installed php4.4 with iis and mysql5 and phpmyadmin is 2.5 version and mysql administration tool too i get the error client does not support authentication protocol,
i will be very pleased if someone suggest a good workin version for all mysql php and phpmyadmin

Authentication Protocol
I am having trouble with my MySQL database, so when I run a script I receive the following error:
'Warning: mysql_pconnect() [function.mysql-pconnect]: Client does not support authentication protocol requested by server; consider upgrading MySQL client in c:wwwdcdjpaneldatabasedb.php on line 27
Client does not support authentication protocol requested by server; consider upgrading MySQL client'
I understand that it has something to do with old db access libraries. I really don't understand the instructions to be done, so if I could be provided with a full-detail list of instructions on fixing this error, I'd appreciate it.
By-the-way, I looked into the documentation of the MySQL software and looked at the website for support, which was a little pricy for one needed solution.

Authentication Protocol
A problem with MYSQL Front 3.1 that will not connect.
I understand that there is a problem with MySQL changing the password hasing functions in ver 4.
One solution is to start the server with the --old-passwords flag, how do i add the flag??

Best Approach To User Authentication?
So I'm setting up a php/mysql driven website on our company's intranet. I need to setup username's and passwords for different individuals because they all need access to different parts of the site.

Now I'm reading up on how to do user authentication. One way I am reading about, involves creating a username/password table in the database, and when the user attempts to login in some generic php/html form, the php logs into the database using a generic login/password, then checks to see if the user's login/password match up with what is in the table.

That's an interesting way to do it. But the thing that is odd to me is that you actually log into the database using a generic login/password (hidden in the php script) and you would simply have to control what the user has access to in your frontend code, based off their login.

MySQL has it's own user authentication system in place, where you create logins and passwords for the database and control what databases and tables they have access to and control what they can do with them. So why wouldn't you do it this way?

Sorry if this sounds confusing, but hopefully users experienced in this understand where I am coming from.

Authentication / Permission Basics
I have a number of users like 'fred', who can access MySQL 4.1 from %.fredworld.com. He has full access to his own database, fred. No other permissions defined.

What's the best way for me to allow every user to connect from localhost. After reading up on http://dev.mysql.com/doc/refman/4.1/en/connection-access.html I thought the answer might be to do:

insert into user (host, user) values ('localhost', '');
flush privileges;

but this doesn't do what I want. How should I go about this?

MySql / Php Authentication Problems
whenever I try to access mySql, I alway's get the following error:

#1251 - Client does not support authentication protocol requested by server; consider upgrading MySQL client

A little extra info (if needed):
-I just installed php v 4.3.1, apache 2, and mySQL 4.1
-It's all on my laptop (if it makes a diffrence)
-It's on a windows platform

Client Does Not Support Authentication
The problem is that when i browse to http://reception/admin/index.php? and enter username and password I recieve the following message

1251 - Client does not support authentication protocol requested by server; consider upgrading MySQL client

But i can log into mysql using the command prompt

Mysql User Table For Authentication
What is the best way to store usernames/password information within a mysql Table? Is there a way to encrypt the columns that house this data?

Fields In Users Db Table For Authentication
which fields do you place in your db for user authenication?

for example..:
CREATE TABLE `users` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`Username` VARCHAR(40) NOT NULL default '',
`Password` VARCHAR(40) NOT NULL default '',
`Lastlogin` datetime default NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
) ENGINE=MYISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin;

i wonder for some more useful fields for software logging/management people sometimes (or seldom :-)) use like:
lastip
createdon
lastlogin
active ('yes', 'no', 'banned') -

Connection String Authentication To My Server
I'm having a tough time figuring out the proper connection string to connect to my existing database.

Using:
* MySQL server 4.0 on a remote Linux Server.
* Developing in VS 2005 (VB) on a PC that is apart of our corporate MS domain.
* Downloaded and installed Connector/Net 2.0

Problem:
I'm using the connection string: ("server={0}; user id={1}; password={2}; database=test; pooling=false", server.Text, userid.Text, password.Text)

When executed with userid="sam" the error message that is returned is "Access denied for user: "sam@<mypc>.<corporatedomain>.com"

When executed with the userid="sam@<remotehost> the error message returned is "Access denied for user "sam@<remotehost>@<mypc>.<corporatedomain>.com". No matter what I do, the connector keeps appending my current domain id to the end of the user string.

"sam" is a authorized user for the MySQL on the remote linux host (been using it for years).

Client Does Not Support Authentication Protocol
If I create a user, say 'dbadmin' with full access on hosts 'All' and 'localhost' I cannot connect using PHP. I get the error:

mysql_connect(): Client does not support authentication protocol requested by server; consider upgrading MySQL client.

If I make the connection with root on any of the local IP addresses the connection is fine and the database updates correctly.

Any thoughts? I suspect a problem with the use of the socket, but phpinfo() correctly returns the mysql settings.

Support Authentication Protocol Upgrade
I have been using a script on my server for 2 years today I get this message Is it the script or the server?

Warning: mysql_connect() [function.mysql-connect]: Client does not support authentication protocol requested by server; consider upgrading MySQL client in /home2/cruisew/public_html/cruisevacationcenter.net/test/inc/db_wrapper.php on line 11
AAAClient does not support authentication protocol requested by server; consider upgrading MySQL client

Authentication Problem On Nonstandard Port
I am running two database instances of mysql (one on a nonstandard
port). After granting users permissions I find that I can access
mysql from other machines only if I use the standard port. When I use
the non-standard port I can only authenticate if I am on the box where
the database is running. Also some previously set up users can
authenticate through the non-standard port (sadly no one knows how
those users were set up). What do I need to do to allow for
authentication on the nonstandard port ex:

mysql -h<HOST> -u<USERNAME> -p
(defaulting to standard port works)
mysql -h<HOST> -u<USERNAME> -P<NON-STANDARD PORT> -p
(fails)

1251 Client Does Not Support Authentication Protocol ....
I just installed MySQL 4.1 on my computer! While i was working with a Dreamwaver I tried to connect to MySql but i coldn't! The following massage appeared:

1251 Client does not support authentication protocol requested by server; consider upgrading MySQL client.

Authentication Trouble About Mysqldump: Error 1045
I got a quite strange problem when I tried to setup a database backup
shell. I put it this way:

"bin/mysqldump --opt --user=xxx --password=xxx DB > DB.bak"
However, error 1045 came to me to say "Access denied for user
'xxx'@'localhost' (using password: YES) when trying to connect".
None the less, I'm absolutely full of confidence on my correct username
and password, simply because if I do it this way:

"bin/mysqldump --opt --user=xxx DB > DB.bak",and input the same
password, everything goes well.
Could you please give me some suggestion concerning the issue?

Encryption / Authentication

I need to find out if it's possible to do two things with mysql. The =first is external authentication, preferably with kerberos5, but PAM =will work as well. Second, encrypting the data stream. Specifically =with jdbc connections.

I need to find out if it's possible to do two things with mysql. The =
first is external authentication, preferably with kerberos5, but PAM =
will work as well. Second, encrypting the data stream. Specifically =
with jdbc connections.