When I run a mysql command in a script, "Warning: Using a password on the command line interface can be insecure" is displayed
My name is Ito and I am an infrastructure engineer.
We use a script to back up our database every night.
The version of MySQL that I often use is 5.5, but I had a chance to use 5.6, and when I installed and executed the script as usual, I got the following log.
Warning: Using a password on the command line interface can be insecure
Click here for information on MySQL version upgrades.
Even though I was using the same script as before, an unfamiliar warning was being output.
It's fine if it just appears, but cron will send you an email. . .
Having passwords visible in the command line interface is not secure.
The meaning of the output Warning message is as follows.
In addition to being output by the script, it is also output when you type the password directly in the command.
The following is an example of logging in using the mysql command with the -p option and a password as an argument.
You can see that it is output on the second line.
# mysql -uroot -ppassword Warning: Using a password on the command line interface can be insecure. Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 3548981 Server version: 5.6.30-log MySQL Community Server (GPL) Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help ;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
If you use only [-p] and enter the password separately, no output will be generated.
Writing directly is not secure! ! This is a Warning.
Export the password part to the conf file
The workaround to prevent this warning from appearing is to read from an external file.
Create a file to be read externally.
# vim dbaccess.cnf [client] user = hoge password = hogehoge host = 192.168.1.1 Since the password is written in the file, access privileges are minimal # chmod 400 dbaccess.cnf
All you need to do is read this file using the mysql or mysqldump command.
# mysql --defaults-extra-file=dbaccess.cnf Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 72755232 Server version: 5.6.30-log MySQL Community Server (GPL) Copyright (c ) 2000, 2016, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql>
You can connect successfully, so it's OK if you incorporate this into your script.
I have written other articles about MySQL, so them out as well.