Get MySQL Passwords in Plain Text from .mylogin.cnfRoman Vynar
Since MySQL 5.6.6, it became possible to store MySQL credentials in an encrypted login path file named .mylogin.cnf, using the mysql_config_editor tool. This is better than in plain text anyway.
What if I need to read this password in plain text?
Perhaps because I didn’t save it? It might be that I don’t need it for long (as I can reset it), but it’s important that I get it. 😎
Unfortunately (or intentionally), mysql_config_editor doesn’t allow it.
[root@db01 ~]# cat /root/.mylogin.cnf
[root@db01 ~]# mysql_config_editor print --all
user = root
password = *****
I wrote this blog post because I just faced this issue. I needed to get the password out of there. Surprisingly, it is simpler than I thought. While looking for an answer I found that some people created scripts to decrypt it (as it uses the AES-128 ECB algorithm), sometimes getting the MySQL code source or simply using a scripting language.
However, it turns to be very simple. mysql_config_editor does not provide this option, but my_print_defaults does!
[root@db01 ~]# my_print_defaults -s client
my_print_defaults is a standard tool in the MySQL server package. Keep your passwords safe!