Adding auth to Mosquitto not working

Based on original working installation, I tried to add user/pw based authentication to Mosquitto.

per docs, I created a password file
sudo mosquitto_passwd -c /etc/mosquitto/passwd robert

my passwd file contains, as expected one line with my robert user and an encrypted password.
The file is -rw-r–r--, so should be readable.

Editing the conf file to use my new password file:

#allow_anonymous true
password_file /etc/mosquitto/passwd
allow_anonymous false

and rebooting, I sadly observe that the mosquitto daemon has quit after being started (active(exited)):

sudo systemctl status mosquitto.service
● mosquitto.service - LSB: mosquitto MQTT v3.1 message broker
   Loaded: loaded (/etc/init.d/mosquitto; generated; vendor preset: enabled)
   Active: active (exited) since Sun 2019-09-08 00:01:48 PDT; 1min 19s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 368 ExecStart=/etc/init.d/mosquitto start (code=exited, status=0/SUCCESS)
    Tasks: 0 (limit: 4915)
   CGroup: /system.slice/mosquitto.service

Sep 08 00:01:46 raspberry systemd[1]: Starting LSB: mosquitto MQTT v3.1 message broker...
Sep 08 00:01:48 raspberry mosquitto[368]: Starting network daemon:: mosquitto.
Sep 08 00:01:48 raspberry systemd[1]: Started LSB: mosquitto MQTT v3.1 message broker.

And what does the log say:

cat /var/log/mosquitto/mosquitto.log
1567925700: New client connected from 127.0.0.1 as mqtt_48d998a7.f27cc8 (c1, k60).
1567926101: Client mqtt_48d998a7.f27cc8 disconnected.
1567926101: Error in poll: Interrupted system call.
1567926101: mosquitto version 1.4.10 terminating

So I am clearly buggering something, either

  • in the conf file syntax itself
  • in the passwd file
  • some other part needed for the authentication stuff to start up

I also tried plaintext user:password in the passwd file (I read somewhere if TLS is not installed that’s the way to do it. I don’t know whether TLS is installed or not, but this gave me the same problem w the daemon exiting after starting up)

Does anyone see what I am doing wrong or can point me to the correct way to do user/password based authentication in mosquitto in our Home Assistant context ?

Thanks in advance !

Hi,

3 things come to mind.

1 - I find that I need to reboot the system and not just restart mosquitto to get any updates to work.

2 - If mosquitto.conf and the passwd file are in the same folder you don’t need either of the lines that you added, remove them.

3 - Permissions - Make sure that the passwd file is accessible to the user that you run mosquitto with.

Regards

Simon

Thanks for the response Simon. I stumbled around some more and finally figured it out (which was not what the docs or the conf file itself state…but anyways)

To enable username/password authentication.

  1. create a file called “/etc/mosquitto/passwords” (it has to be that filename !) acc to http://www.steves-internet-guide.com/mqtt-username-password-example/ for example.

  2. sudo chmod a+rwx /etc/mosquitto/passwords

  3. comment out the line in the default /etc/mosquitto/mosquitto.conf file that says “allow_anonymous true” ➟ “#allow_anonymous false” (I forget whether this line was even in the original conf or not, if not ignore this step)

  4. sudo reboot now

So, there appears to be an implicit use of the hardcoded filename “passwords” when this file is present (no “password_file” directive needed or wanted in the conf file)

Also, the conf file does NOT need to be moved into /etc/mosquitto/conf.d/ as suggested by the comment in the first line

All works now.

1 Like