Fork me on GitHub

Mosquitto用户名密码配置

介绍

由于需要把mqtt部署到外网上面去,所以需要关闭匿名登陆,采取用户认证模式,而且还可能需要把主题加密。

配置

参数说明

配置参数在/etc/mosquitto/mosquitto.conf中,

1
2
3
allow_anonymous 允许匿名登陆
password_file 账号密码文件
acl_file 访问控制列表

配置

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
[root@localhost mosquitto]# vim mosquitto.conf           
# Place your local configuration in /etc/mosquitto/conf.d/

pid_file /var/run/mosquitto.pid

persistence true
persistence_location /var/lib/mosquitto/

#log_dest file /var/log/mosquitto/mosquitto.log

include_dir /etc/mosquitto/conf.d
allow_anonymous false
password_file /etc/mosquitto/pwfile
acl_file /etc/mosquitto/aclfile
port 8001

查看用户

1
2
[root@localhost mosquitto]# cat pwfile                   
agri:$6$NprvJLB/CkEomWGy$gNj5Mr6Wf+2Xz16P6dIZYD/ladZZtyKQMJ/tdpy7WLepj5akpPB+hF8zolrNd5IacbsAxXDWX1vS5I9Pj4fnCA==

添加用户

1
2
3
4
# mosquitto_passwd --help 了解到使用 -c 会覆盖密码文件中的内容,也就是添加一个用户后会覆盖以前的账户信息
mosquitto_passwd -c /etc/mosquitto/pwfile username
# mosquitto_passwd -d 新增一个用户密码
mosquitto_passwd -d /etc/mosquitto/pwfile username password

设置好密码

添加Topic和用户的关系

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
[root@localhost ~]# vim /etc/mosquitto/aclfile
# This affects access control for clients with no username.
#topic read $SYS/#

# This only affects clients with username "roger".
#user roger
#topic foo/bar
#user zhang
user zhang
topic read mtopic/#

user zhang
topic write mtopic/#

# This affects all clients.
# pattern write $SYS/broker/connection/%c/state

重启测试

1
2
[root@localhost mosquitto]# /etc/init.d/mosquitto restart
Restarting mosquitto (via systemctl): [ 确定 ]
------本文结束 🖐 感谢阅读------
0%