15

Is there a way to encrypt the data file that mysql uses? I have a mysql server on an open machine, and I would like to encrypt the data file so even if someone copies the data files, they cannot read the data.

Thanks

Improve this question

6 Answers 6

Reset to default
6

To anyone researching a transparent MySQL encryption solution for Linux, there's a relatively new product on the block that we've been working with: http://www.gazzang.com/

I am not affiliated with Gazzang... just a happy customer.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

I've used it and it's good but a little over-priced for what we need
5

I am not sure what do you mean when you say that your machine is open. If people have access to the console, or to your account it is much harder of a task to encrypt the file.

Did you look at Truecrypt? It works for most popular operating systems and allows to create a virtual encrypted partition, lock down a hard drive partition,an external drive or a usb device.

Improve this answer

Comments

5

MySQL doesn't support data file encryption natively. There are 3rd products out there such as:

http://www.vormetric.com/products/vormetric_database_encryption_expert.html

There's a 'white paper' on the topic here:

http://www.vormetric.com/documents/FINALPart2DatabaseEncryptionCoreGuardvsColumnLevelWhitePaper7.pdf

To be honest, if the database content has any commercial value or contains personal data about individuals, you should really control who has access to the datafiles (whether encrypted or not). In the UK, leaving such data files open to casual passers-by, would be a data protection no no.

Improve this answer

1 Comment

Not just in the UK, that's a universal no-no and probably beyond.
0

You can use an encrypted filesystem, like the native one for NTFS on Windows or one of the various options for linux. In addition you can store the data encrypted.

Improve this answer

Comments

0

If you are using windows EFS and starting MySQL as a service, you will need to do the following:

  • go to Services and find the MySQL service
  • stop the service
  • right-click -> properties -> LogON TAB
  • check "This account"
  • fill your windows account name eg. ".\username"
  • provide your password
  • start the service

The MySQL service should now start without errors.

To use the windows EFS encryption:

http://windows.microsoft.com/en-us/windows/encrypt-decrypt-folder-file#1TC=windows-7

Read more obout it:

http://www.petri.co.il/how_does_efs_work.htm#

!!! Don't forget to export the certificate !!!

Improve this answer

Comments

-2

you could encrypt the data within mysql using the built in encryption functionality.

as for the files, any file solution should work fine.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.