If you are like me and you spend chilly spring evenings relaxing by the fire, reading the manual for the upcoming MySQL 8 release, you may have seen Caching SHA-2 Pluggable Authentication in section 18.104.22.168.
There are now TWO SHA-256 plugsins for MySQL 8 for hashing user account passwords and no, I do not know what the title of the manual pages says SHA-2 when it is SHA-256. We have sha256_password for basic SHA-256 authentication and caching_sha2_password that adds caching for better performance.
The default plugin is caching_sha2_password has three features not found in its non caching brother. The first is, predictably, a cache for faster authentication for repeat customers to the database. Next is a RSA-based password exchange that is independent of the SSL library you executable is linked. And it supports Unix socket-files and shared-memory protocols -- so sorry named pipe fans.
If you have been testing the release candidate and use older clients or older libmysqlclient you may have seen Authentication plugin 'caching_sha2_password' is not supported or some other similar message. You need updated clients to work with the updated server. Old clients used the old MySQL native password password not the new chaching_ha2_password as the default.
When upgrading from 5,7,21 to the 8 GA version, existing accounts are not upgraded, But if you are starting with a fresh install you get the chaching_sha2_password in your mysql.user entry. I am sure this will catch someone so please take care. And this goes for new replication servers too!
- MySQL 8.0 Source Code Improvements
- End of an Era: Neither MC nor Continuent Attending Percona Live