search

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.
https://goteleport.com
GNU Affero General Public License v3.0
17.57k stars 1.76k forks source link

`tsh db connect` fails with mysql client version 9 #45962

Open greedy52 opened 2 months ago

greedy52 commented 2 months ago

Expected behavior: tsh db connect should succeed with mysql

Current behavior:

$ mysql --user teleport-admin --port 8888 --host localhost --protocol TCP
ERROR 2059 (HY000): Authentication plugin 'mysql_native_password' cannot be loaded: dlopen(/opt/homebrew/Cellar/mysql-client/9.0.1/lib/plugin/mysql_native_password.so, 0x0002): tried: '/opt/homebrew/Cellar/mysql-client/9.0.1/lib/plugin/mysql_native_password.so' (no such file), '/System/Volumes/Preboot/Cryptexes/OS/opt/homebrew/Cellar/mysql-client/9.0.1/lib/plugin/mysql_native_password.so' (no such file), '/opt/homebrew/Cellar/mysql-client/9.0.1/lib/plugin/mysql_native_password.so' (no such file)

Bug details:

This is an upstream issue tracked here: https://github.com/Homebrew/homebrew-core/issues/180498

Downgrade 8.4 works fine. (brew install mysql-client@8.4)

However we should investigate MySQL version 9 in general and move away from native password auth: https://github.com/gravitational/teleport/blob/d489930f6ae798013289270726ffef78e1831ec4/lib/srv/db/mysql/proxy.go#L174-L180

SMillerDev commented 1 month ago

It is an upstream issue, but it seems nobody actually reported it upstream to MySQL yet.