Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature Request: Allow for storing hashed caching sha2 credentials in static auth server #17947

Open
dbussink opened this issue Mar 11, 2025 · 0 comments · May be fixed by #17948
Open

Feature Request: Allow for storing hashed caching sha2 credentials in static auth server #17947

dbussink opened this issue Mar 11, 2025 · 0 comments · May be fixed by #17948
Assignees
@dbussink
Labels
Component: Authn/z Authentication / Authorization / Certificates Type: Enhancement Logical improvement (somewhere between a bug and feature)

Comments

@dbussink
Copy link
Contributor

Feature Description

It's possible today to store hashed credentials with the static auth server in a file when using mysql_native_password. This allows for the credentials to be not human readable as they are one way hashed.

When using caching_sha2_password, this currently only works with a plain text password in the file. We should also allow for storing those values hashed as well so they are not in plain text anymore.

Use Case(s)

Better security for passwords when using caching_sha2_password with the static auth server.
@dbussink dbussink added the Needs Triage This issue needs to be correctly labelled and triaged label Mar 11, 2025
@dbussink dbussink self-assigned this Mar 11, 2025
@dbussink dbussink added Component: Authn/z Authentication / Authorization / Certificates Type: Enhancement Logical improvement (somewhere between a bug and feature) and removed Needs Triage This issue needs to be correctly labelled and triaged labels Mar 11, 2025
@dbussink dbussink linked a pull request Mar 11, 2025 that will close this issue
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dbussink dbussink

Labels
Component: Authn/z Authentication / Authorization / Certificates Type: Enhancement Logical improvement (somewhere between a bug and feature)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for hashed caching sha2 passwords planetscale/vitess
1 participant
@dbussink