MySQL Variables sha256_password_auto_generate_rsa_keys 数据库 参数变量解释及正确配置使用
本站中文解释
MySQL参数变量sha256_password_auto_generate_rsa_keys指定是否使用RSA密钥替代SHA256哈希密码来安全保护和管理MySQL用户的客户端/服务器通信。
这个变量的设置方法 非常简单,你只需要在MySQL的my.cnf中添加如下配置即可:
sha256_password_auto_generate_rsa_keys = 1
官方英文解释
sha256_password_auto_generate_rsa_keys
Command-Line Format | --sha256-password-auto-generate-rsa-keys[={OFF|ON}] |
---|---|
System Variable | sha256_password_auto_generate_rsa_keys |
Scope | Global |
Dynamic | No |
Type | Boolean |
Default Value | ON |
This variable is available if the server was compiled using
OpenSSL (see Section 6.3.4, “SSL Library-Dependent Capabilities”). It controls
whether the server autogenerates RSA private/public key-pair
files in the data directory, if they do not already exist.
At startup, the server automatically generates RSA
private/public key-pair files in the data directory if the
sha256_password_auto_generate_rsa_keys
system variable is enabled, no RSA options are specified, and
the RSA files are missing from the data directory. These files
enable secure password exchange using RSA over unencrypted
connections for accounts authenticated by the
sha256_password
plugin; see
Section 6.4.1.5, “SHA-256 Pluggable Authentication”.
For more information about RSA file autogeneration, including
file names and characteristics, see
Section 6.3.3.1, “Creating SSL and RSA Certificates and Keys using MySQL”
The auto_generate_certs
system variable is related but controls autogeneration of SSL
certificate and key files needed for secure connections using
SSL.