Reputation: 11830
Clear text password entry showing when using mysqldump through SSH session
The following will dump a DB onto my machine from a remote machine (and also gzips):
ssh [email protected] "mysqldump -u root -p db_name | gzip -c" > dn_name.sql.gz
How come the host password is hidden correctly but the password entry for mysql is clear text?
Thanks :).
Upvotes: 2
Views: 725
Answers (1)
Reputation: 42040
Because if you enter a password non-interactively in a shell, it can always be seen by other users in the process tree.
If you are running the process as root anyway, then root user should itself secured enough, so you should make no-password-required dumping available for the root user.
Another option is creating a .my.cnf file in the home directory, make it only readable and writeable by root (chmod 600).
Here are the contents of the said .my.cnf file:
[mysqldump]
user = mysqluser
password = secret
This way the user and password should be entered automatically without the chance of being compromised.
Upvotes: 2
Related Questions
- How to perform a mysqldump without a password prompt?
- Why does mysql command over ssh does not prompt for password?
- mysqldump from remote host
- MySQLDump to local machine from remote server connected via SSH
- mysqldump is not saving user password
- Escape password in mysqldump command
- mysqldump with ssh connection in shell script
- mysqldump ask for password even thou given on commandline/config-file
- mysql password is messing up my dump
- mysqldump. How to set in this command password?