Join Log in
Score:0
avatar Ubuntu

Encrypt database in var/lib/mysql

sa flag
mmd604

I have Database I want to Encrypt located in var/lib/mysql. Is it possible to Encrypt the whole mysql directory? How would I go about doing this

20
0 + 0
in flag
matigo
You would need to encrypt a volume to have a pseudo Encryption at Rest setup, not a directory. Note that the contents of the database will also end up in unencrypted locations, such as temporary storage and non-flushed buffers.
1
Reply
Score:0
avatar Ubuntu
cn flag
Rinzwind

Is it possible to encrypt the whole mysql directory?

No. eCryptFS (that would be the tool to use) encrypted directories are only accessible by the users that mount them. MySQL doesn't run as your user and can use more than 1 user to do its tasks so that creates a problem.

Is it possible to encrypt mysql? . How would I go about doing this

Create a partition, encrypt it using LUKS and then use that to mount 1 of the parts of the directory /var/lib/mysql/. It should be considered an advanced user task so make sure to make backups and know how to undo whatever you do to set this up. https://askubuntu.com/a/1335327/15811 explains how to use LUKS.

Mind that with an encrypted partition a reboot will never automatically start MySQL since you will need to manually unlock the partition when the system boots.

0 + 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.