Authenticate MySQL user against local Linux user account

Tim
January 2, 2023
246 views
1 vote
2 Answers

Is there a way to authenticate a remote MySQL/MariaDB user against the local Linux user account by the same username? I am thinking maybe there is a plugin that validates the user using /etc/passwd?

Hypothetical example:

CREATE USER 'newuser'@'remotehost' IDENTIFIED WITH auth_linux;

Use case: Lets say I change the password for a Linux user account. I would like to avoid having to update the password for the MySQL user as well, but having it being the same.

Answers

- AllanWind
- January 2, 2023 at 2:11 am
- 0 votes
0
You want to refer to authentication plugins in particular PAM. It looks like that is an Enterprise feature. You might be able to use the open source versions from Percona or MariaDB PAM.
```
INSTALL SONAME 'auth_pam';
CREATE USER username@hostname IDENTIFIED VIA pam;
```
Login or Signup to reply.

- danblack
- January 2, 2023 at 2:18 am
- 0 votes
0
You can avoid the password complexity by using the unix_socket authentication.
```
CREATE USER username@localhost IDENTIFIED VIA unix_socket;
```
This allows the unix user matching username to authenticate but no other user can authenticate as username.

MySQL has the same with a different syntax:
```
CREATE USER username@localhost IDENTIFIED WITH auth_socket;
```
Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.