So, I’ve started a new job as a Senior Database Engineer at Salesforce, and one of the services I help provide is adding users to MySQL. We have some nice chef recipes, so all I have to do is update a few files, including adding in the MySQL password hash.
Now, when I added myself, I just logged into MySQL and generated a password hash. But when my SRE (systems reliability engineer) colleague needed to generate a password, he did not have a MySQL system he could login to.
The good news is it’s easy to generate a MySQL password hash. The MySQL password hash is simply a SHA1 hash of a SHA1 hash, with * put in the beginning. Which means you do not need a MySQL database to create a MySQL password hash – all you need is a programming language that has a SHA1 function (well, and a concatenate function).
And I found it, of course, on this post at StackExchange. So you don’t have to click through, here is what it says – and I have tested all these methods and I get the same password hash. I have changed their example of “right” to “PASSWORD HERE” so it’s more readable and obvious where the password goes, in case you copy and paste from here.
MySQL (may require you add -u(user) -p):
mysql -NBe "select password('PASSWORD HERE')"
python -c 'from hashlib import sha1; print "*" + sha1(sha1("PASSWORD HERE").digest()).hexdigest().upper()'
perl -MDigest::SHA1=sha1_hex -MDigest::SHA1=sha1 -le 'print "*". uc sha1_hex(sha1("PASSWORD HERE"))'
php -r 'echo "*" . strtoupper(sha1(sha1("PASSWORD HERE", TRUE))). "n";'
Hopefully these help you – they have enabled my colleagues to easily generate what’s needed without having to find (or create) a MySQL instance that they can already login to.