Re: management of mysql-keyring file
I mean the purpose of using a key function in the file and encryption. If the key must be available at all times during the operation of the mysqld process, then at the moment of intercepting the data files, we also have the possibility of intercepting the key.
From a security perspective, encrypted data stored together with access to the key on the same server and the lack of encryption are equivalent. Then it is pointless to use it.
I thought that the best solution is to provide the encryption key file only for a short moment (when the security level is higher). MySQL loads that encryption key into the process. Then the physical encryption key file is removed until a backup, for example, or a rotation of the key, or another start of the process (when it may be provided in a controlled, secure way).
And I verified it on MySQL. If we remove the key and save data in the database, encryption is still working. The file is not needed until restart. But I would like to have confirmation of when exactly the mysqld process checks the file.
Is it only in these two events: start and rotation?
You mentioned:
"It is not safe to be "moving" anything from under a running server."
My question is why?
The encryption key file is not part of the data directory. It's simply a .json file.
I read that the lack of an encryption key file will trigger an error in the log file, and that's all, but I want to know all situations when it may happen. It's not described officially.
I'm not asking about an enterprise solution like storing keys in a vault.