Re: MySQL Secure Replication
there seem to be a lack of documentation on this part. Mostly because it can't be done (that I'm aware of). if it can't be done, why is it in the documentation already. i can understand that if 4.0.x is still in alpha or beta stage. but now it is almost near release (gamma). the official mysql documentation (http://www.mysql.com/documentation/mysql/bychapter/manual_MySQL_Database_Ad ministration.html#Replication_Options) actually defines a few variables pertaining to ssl replication (master-ssl, master-ssl-key, master-ssl-cert). doesn't this tell you that ssl replication is already supported? regards, ivan - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: MySQL Secure Replication
is there any way you can implement a secure replication via ssh or sth else? regards, ivan At 23:17 +0800 1/16/03, Ivan Hoo wrote: there seem to be a lack of documentation on this part. Mostly because it can't be done (that I'm aware of). if it can't be done, why is it in the documentation already. i can understand that if 4.0.x is still in alpha or beta stage. but now it is almost near release (gamma). the official mysql documentation (http://www.mysql.com/documentation/mysql/bychapter/manual_MySQL_Database_A d ministration.html#Replication_Options) actually defines a few variables pertaining to ssl replication (master-ssl, master-ssl-key, master-ssl-cert). doesn't this tell you that ssl replication is already supported? No, it cannot be done. Those options have been added, yes, but they do nothing at the moment. You can specify the options and they'll be parsed, but nothing is done with their values yet. - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: MySQL Secure Replication
Except with stunnel (often recommended) or SSH (which I've had running for months doing this). PS, as with the MySQL daemon, I run my ssh tunnel under 'supervise' so as to make sure its always there and restarts if it gets killed / dies / is stupid / upgraded. Right. I should have said there's no built-in way it can be done because folks have doing secure replication via ssh/stunnel for years now. :-) how do you secure the replication link between the master and the slave using SSH. i understand that you can do that over mysql client and its server. pls enlighten me coz i m looking high and low for a solution on this issue. regards, ivan --- [This E-mail scanned for viruses by Declude AntiVirus] - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
replication user privilege
for a normal replication, you need to create a replication user by issuing such command: GRANT FILE ON *.* TO repl@% IDENTIFIED BY 'password'; for a secured replication (mysql-4.0.7-gamma), do you need to issue a REQUIRE SSL, eg: GRANT FILE ON *.* TO repl@% IDENTIFIED BY 'password' REQUIRE SSL; but when REQUIRE SSL is issued, the slave would not be able to connect to the master anymore. i would really appreciate if someone could guide me to the correct way of implementing a secured replication setup for mysql. also, here is my.cnf configuration for the slave: [mysqld] [...] log-bin server-id = 2 master-host = 192.168.1.1 master-user = repl master-password = $jhM*prs master-ssl master-ssl-key = /usr/local/ssl/certs/some.key master-ssl-cert = /usr/local/ssl/certs/some.crt regards, ivan - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
MySQL Secure Replication
hi All, has anyone been able to setup ssl secure replication for mysql? how do i know whether the replication is actually done over ssl? there seem to be a lack of documentation on this part. appreciate a lot if someone could provide some feedback on this. i m currently running mysql-4.0.7-gamma (compiled from source --with-vio --with-openssl=/usr/local/ssl) on a standard redhat linux 7.3. regards, ivan --- [This E-mail scanned for viruses by Declude AntiVirus] - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php