MariaDB Data At Rest Encryption Guide

MariaDB data at rest encryption involves 5 steps: 1. Configure MariaDB encryption by adding plugin and encryption settings to the config file. 2. Generate an encryption key file using OpenSSL. 3. Encrypt the key file using OpenSSL for security. 4. Restart MariaDB for the encryption to take effect. 5. Query information_schema tables to find which tables are encrypted.

Uploaded by

Alwin Figarafo

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

235 views2 pages

MariaDB Data At Rest Encryption Guide

Uploaded by

Alwin Figarafo

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

MariaDB Data At Rest Encryption

Step 1 – Configuring MariaDB Encryption

Add these lines to an existing MariaDB config file within the “mysqld” section.
plugin_load_add=file_key_management
file_key_management = ON
file_key_management_encryption_algorithm=aes_cbc
file_key_management_filename = D:\Alwin\mariadb\keyring\mariadb_encryption.key
file_key_management_filekey = Assyst@123
innodb_encrypt_tables = ON
innodb_encrypt_log = ON
aria_encrypt_tables = ON
encrypt_tmp_disk_tables = ON
innodb_encryption_threads = 8

Step 2 - Creating The Encryption Key

In order for MariaDB to encrypt our data using a key, you need to install OpenSSL toolkit for
generating a unique key.
After installing OpenSSL toolkit, we can generate a unique key using the following command.
openssl rand -hex 16 > D:\Alwin\mariadb\keyring\mariadb_encryption.txt
The above command will create a file named mariadb_encryption.txt with key in it. We need to
open this file using a file editor to add an identifier to this key.
Prepend the line with “1;” so it looks like the following:
1;1fa9e9ba1ca4efa507d0d7512aab1bfd
Step 3 – Encrypting The Encryption Key
We need to encrypt the key using OpenSSL toolkit installed in our system. For that just execute
the following command.
openssl enc -aes-256-cbc -md sha1 -in D:\Alwin\mariadb\keyring\mariadb_encryption.txt -
out D:\Alwin\mariadb\keyring\mariadb_encryption.key
You will also need to add your password to the line beginning with
file_key_management_filekey in the config file you added in the “Configuring MariaDB
Encryption” section.
Without this key, the data cannot be read.

Step 4 - Restart MariaDB Service

We need to restart MariaDB service after completing MariaDB configuration for encryption.

Note : It is also better to have the key file and encrypted key file to be placed separately in a
removable device, because MariaDB only needs the key when it starts up. Once the service is
running, the key can be removed from the system.

Step 5 – Find The Encrypted Tables

In order to find the tables that are currently encrypted, we need to execute the following
query.
SELECT st.SPACE, st.NAME, te.ENCRYPTION_SCHEME, te.ROTATING_OR_FLUSHING
FROM information_schema.INNODB_TABLESPACES_ENCRYPTION te
JOIN information_schema.INNODB_SYS_TABLES st
ON te.SPACE = st.SPACE

If the column ENCRYPTION_SCHEME returns a value of 1, it means that the table(s) are
encrypted.

MariaDB Encryption
No ratings yet
MariaDB Encryption
11 pages
An Introduction To MariaDB's Data at Rest Encryption (DARE) - Part 1
No ratings yet
An Introduction To MariaDB's Data at Rest Encryption (DARE) - Part 1
2 pages
MariaDB Galera Cluster Encryption Guide
No ratings yet
MariaDB Galera Cluster Encryption Guide
9 pages
Install MariaDB on CentOS/RHEL 8 Guide
No ratings yet
Install MariaDB on CentOS/RHEL 8 Guide
6 pages
Maria DB
No ratings yet
Maria DB
91 pages
Install MariaDB on Raspberry Pi 3
No ratings yet
Install MariaDB on Raspberry Pi 3
4 pages
Data Encryption in SQL Server
No ratings yet
Data Encryption in SQL Server
7 pages
How To Install Mariadb
No ratings yet
How To Install Mariadb
6 pages
MariaDB Setup Guide for Developers
No ratings yet
MariaDB Setup Guide for Developers
3 pages
MariaDB - Tutorial For Beginners
100% (1)
MariaDB - Tutorial For Beginners
37 pages
How To Enable InnoDB Tablespace Encryption For Table Using TDE
No ratings yet
How To Enable InnoDB Tablespace Encryption For Table Using TDE
2 pages
Getting Started With MariaDB - Second Edition - Sample Chapter
No ratings yet
Getting Started With MariaDB - Second Edition - Sample Chapter
24 pages
UT1 InstallationConfigurationOfMariaDB English
No ratings yet
UT1 InstallationConfigurationOfMariaDB English
24 pages
Reset MySQL/MariaDB Root Password Ubuntu 18.04
No ratings yet
Reset MySQL/MariaDB Root Password Ubuntu 18.04
6 pages
Crypt DB
100% (1)
Crypt DB
28 pages
Lab 1 2 Aes Rsa Encryption Vf17
No ratings yet
Lab 1 2 Aes Rsa Encryption Vf17
20 pages
MariaDB Tutorial: Commands & Syntax
No ratings yet
MariaDB Tutorial: Commands & Syntax
39 pages
MySQL 8 vs MariaDB 10.4 Overview
No ratings yet
MySQL 8 vs MariaDB 10.4 Overview
35 pages
MariaDB Dynamic Columns Guide
No ratings yet
MariaDB Dynamic Columns Guide
20 pages
Maria DB
No ratings yet
Maria DB
6 pages
ExploringIBMDB2 EncryptionTechnology Marcin BasterIBM POLSKA
No ratings yet
ExploringIBMDB2 EncryptionTechnology Marcin BasterIBM POLSKA
84 pages
Lab14-Ubuntu DBServices
No ratings yet
Lab14-Ubuntu DBServices
16 pages
Laboratory 9 - Protecting Data by Encryption
No ratings yet
Laboratory 9 - Protecting Data by Encryption
7 pages
MariaDB Server 10.2: A Comprehensive Guide
No ratings yet
MariaDB Server 10.2: A Comprehensive Guide
77 pages
MariaDB Installation and Management Guide
No ratings yet
MariaDB Installation and Management Guide
10 pages
Install MariaDB on RHEL 8 Guide
No ratings yet
Install MariaDB on RHEL 8 Guide
15 pages
Encryption
No ratings yet
Encryption
19 pages
Encryption
No ratings yet
Encryption
30 pages
04 - MariaDB Create User and Database
No ratings yet
04 - MariaDB Create User and Database
3 pages
At Rest & in Transit Encryption
No ratings yet
At Rest & in Transit Encryption
6 pages
SQL Database Encryption Guide
No ratings yet
SQL Database Encryption Guide
17 pages
Maria DB
No ratings yet
Maria DB
16 pages
Encryption
No ratings yet
Encryption
18 pages
Python & MariaDB Integration Guide
No ratings yet
Python & MariaDB Integration Guide
7 pages
41 Python MySQL DB Connectivity and Secure Password
No ratings yet
41 Python MySQL DB Connectivity and Secure Password
12 pages
CodeIgniter Security and Encryption Guide
No ratings yet
CodeIgniter Security and Encryption Guide
24 pages
Task 1
No ratings yet
Task 1
3 pages
Database Encryption Types Explained
No ratings yet
Database Encryption Types Explained
10 pages
1 Preliminary Note: - Hit Return
No ratings yet
1 Preliminary Note: - Hit Return
6 pages
Oracle TDE in Database 10g Release 2
No ratings yet
Oracle TDE in Database 10g Release 2
5 pages
Ebook TheEncryptionGuide
No ratings yet
Ebook TheEncryptionGuide
15 pages
Oss Unit3
No ratings yet
Oss Unit3
16 pages
Database Encryption Methods Explained
No ratings yet
Database Encryption Methods Explained
6 pages
01 140708212836 Phpapp02
No ratings yet
01 140708212836 Phpapp02
35 pages
Truck
No ratings yet
Truck
6 pages
MariaDB & MySQL Command Cheat Sheet
No ratings yet
MariaDB & MySQL Command Cheat Sheet
2 pages
Connection Between IIB and MariaDB
No ratings yet
Connection Between IIB and MariaDB
13 pages
Unit 4
No ratings yet
Unit 4
49 pages
Database Encryption Guide
No ratings yet
Database Encryption Guide
26 pages
AlwaysEncyrpted Lab1
No ratings yet
AlwaysEncyrpted Lab1
18 pages
Encryption in ASE
No ratings yet
Encryption in ASE
6 pages
MariaDB vs MySQL: Key Differences
No ratings yet
MariaDB vs MySQL: Key Differences
6 pages
On The Security of Querying Encrypted Data
No ratings yet
On The Security of Querying Encrypted Data
12 pages
Database Security Using Encryption
No ratings yet
Database Security Using Encryption
6 pages
Database Security and Study of Data Encryption Met
No ratings yet
Database Security and Study of Data Encryption Met
3 pages
Data Obfuscation vs. Encryption Explained
No ratings yet
Data Obfuscation vs. Encryption Explained
10 pages

MariaDB Data At Rest Encryption Guide

Uploaded by

MariaDB Data At Rest Encryption Guide

Uploaded by

MariaDB Data At Rest Encryption

Step 1 – Configuring MariaDB Encryption

Step 2 - Creating The Encryption Key

Step 4 - Restart MariaDB Service

Step 5 – Find The Encrypted Tables

You might also like