From 655a53478a3e205a7d2bf7c1ba6582aa6492e0cf Mon Sep 17 00:00:00 2001 From: Erik Thomsen Date: Tue, 3 Sep 2024 14:04:39 -0400 Subject: [PATCH] There are no longer any issues using the new password hashing (caching_sha2_password) found in MySQL 8+ --- Using-the-MariaDB-(MySQL)-Backend.md | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/Using-the-MariaDB-(MySQL)-Backend.md b/Using-the-MariaDB-(MySQL)-Backend.md index 232e4ce..cc13d33 100644 --- a/Using-the-MariaDB-(MySQL)-Backend.md +++ b/Using-the-MariaDB-(MySQL)-Backend.md @@ -1,7 +1,7 @@ > [!WARNING] >

⚠️ 💩 ⚠️

> ->

Our builds are based upon MariaDB client libraries since that is what Debian provides.
Support for the latest Oracle MySQLv8 version needs some extra attention.
If you insist to use MySQLv8 instead of MariaDB then create a user using an old password hashing method instead of the default one!

+>

Our builds are based upon MariaDB client libraries since that is what Debian provides.

> >

⚠️ 💩 ⚠️

@@ -108,26 +108,13 @@ volumes: CREATE DATABASE vaultwarden CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; ``` -2a. Create a new database user and grant rights to database (MariaDB, MySQL versions before v8): +2a. Create a new database user and grant rights to database (MariaDB, MySQL): ```sql CREATE USER 'vaultwarden'@'localhost' IDENTIFIED BY 'yourpassword'; GRANT ALL ON `vaultwarden`.* TO 'vaultwarden'@'localhost'; FLUSH PRIVILEGES; ``` -2b If you use MySQL v8.x you need to create the user like this: -```sql --- Use this on MySQLv8 installations -CREATE USER 'vaultwarden'@'localhost' IDENTIFIED WITH mysql_native_password BY 'yourpassword'; -GRANT ALL ON `vaultwarden`.* TO 'vaultwarden'@'localhost'; -FLUSH PRIVILEGES; -``` -If you created the user already and want to change the password type: -```sql --- Change password type from caching_sha2_password to native -ALTER USER 'vaultwarden'@'localhost' IDENTIFIED WITH mysql_native_password BY 'yourpassword'; -``` - You might want to try a restricted set of grants: ```sql GRANT ALTER, CREATE, DELETE, DROP, INDEX, INSERT, REFERENCES, SELECT, UPDATE ON `vaultwarden`.* TO 'vaultwarden'@'localhost';