The FreeBSD Diary

The FreeBSD Diary (TM)

Providing practical examples since 1998
[ HOME | TOPICS | INDEX | WEB RESOURCES | BOOKS | CONTRIBUTE | SEARCH | FEEDBACK | FAQ | FORUMS ]
Keeping mysql passwords secure 19 April 2000
Share
Need more help on this topic? Click here
This article has no comments
Show me similar articles
Regular readers will remember my article about installing and configuring mysql.  In that article you'll see how I did a database backup.  I've found a way to improve that script.
~/.my.cnf
The script I use for backing up my database is available from:

samples/database_dump2.sh.txt

In that script, I include the password in the call to mysqldump.  That's not the best thing to do.  So I found a way around it by reading the documentation.   At http://www.mysql.com/php/manual.php3?section=Password_security I found the following

Store your password in a configuration file. For example, you can list your password in the [client] section of the `.my.cnf' file in your home directory:

[client]
password=your_pass

If you store your password in `.my.cnf', the file should not be group or world readable or writable. Make sure the file's access mode is 400 or 600. See section 4.15.4 Option files.

So that's exactly what I did.  Now you can use this to connect to your database without having to specify the password on the command line.  This is ideal for scripts. And the updated script is at samples/database_dump2.sh.txt

NOTE: the file name ends in .cnf and not .conf like many configuration files.

If you use this feature, do not use the -p option on mysql.

Share
Need more help on this topic? Click here
This article has no comments
Show me similar articles
Servers and bandwidth provided by New York Internet and SuperNews Valid HTML, CSS , and RSS.
Copyright © 1997-2012 DVL Software Ltd.
All rights reserved.