The sha256_password plugin manages authentication using SHA-256 encryption, supporting both clear text passwords over SSL and RSA encrypted password exchange.
SHA256 authentication possible exchanges:
if connection use SSL (SSLRequest Packet sent):
Client sends a .
Else:
If client doesn't know server RSA public key:
Client sends a .
Server sends a .
password without encryption.
fixed 0x01 value.
fixed 0x01 value.
public key data.
RSA encrypted password.
RSA encrypted value of XOR(password, seed) using server public key (RSA_PKCS1_OAEP_PADDING).
This page is licensed: CC BY-SA / Gnu FDL
Client sends an RSA encrypted password.
Ends with server sending either OK_Packet , ERR_Packet.