[debian-mysql] Bug#845648: Bug#845648: mention how to deal with Pre-4.1 password hash found. It is deprecated and will be removed in a future release. Please upgrade it to a new format warning
Norvald H. Ryeng
norvald.ryeng at oracle.com
Fri Nov 25 15:23:53 UTC 2016
On Fri, 25 Nov 2016 22:49:52 +0800
積丹尼 Dan Jacobson <jidanni at jidanni.org> wrote:
> Package: mysql-server
> Version: 5.7.16-1
>
> Upon upgrade user sees
>
> Pre-4.1 password hash found. It is deprecated and will be removed in
> a future release. Please upgrade it to a new format.
>
> This message is not enough.
>
> There is only one user on the system.
I agree that the message could've been more precise, e.g., list which
users have old password hashes. This message is output by the
mysql_upgrade script when one or more database users have old,
cryptographically weak password hashes.
You can list the users:
SELECT * FROM mysql.user WHERE LENGTH(password) = 16;
> How does user reset this (which?) password?
ALTER USER 'user' IDENTIFIED BY 'password';
See http://dev.mysql.com/doc/refman/5.7/en/alter-user.html for more
options.
> Yes I am willing to type my password in again. What is it? A user
> password? A system password? A database password? What? Which user?
See above.
> How does user check that the problem is then fixed?
The above query will return no rows.
Here are a few links that explain what's going on:
http://www.tocker.ca/2014/05/14/proposal-to-deprecate-the-old-password-format.html
http://mysqlserverteam.com/removal-and-deprecation-in-mysql-5-7/
http://mysqlblog.fivefarmers.com/2012/05/30/why-your-pre-4-1-client-wont-like-mysql-5-6/
http://dev.mysql.com/doc/refman/5.7/en/password-hashing.html
https://www.percona.com/forums/questions-discussions/mysql-and-percona-server/12516-mysql_upgrade-failing-on-5-5-to-5-6-in-place-upgrade
Regards,
Norvald H. Ryeng
More information about the pkg-mysql-maint
mailing list