emqx mnesia auth

Hi Guys, Welcome to Proto Coders Point. In this Article let’s learn How to secure EMQX by adding mnesia authentication plugin and enabling mnesia auth , by which a user can only get connected to MQTT Broker if he has authorized username & password.

Here is a article & Video Tutorial on How to Install EMQX on Ubuntu Server & Connect to MQTT Broker by using MQTT SPY tool

Install EMQX on ubuntu

How to Secure EMQX by mnesia authentication plugin – EMQX tutorial

Let’s Get Started

We will be be using emqx mnesia auth plugin to secure our mqtt broker, so that only user with authorized username & password and connect to Emqx mqtt broker.

Step 1: Connect to Server & Open Putty Terminal

To connect to server instance terminal using putty follow below steps:

  • 1. In Session, Enter Host Name i.e IP of server and port.
  • 2. Then in Connection -> Data, Enter username. Eg: ubuntu.
  • 3. Then in Connection -> SSH -> Auth, Browse/select ppk file.
  • 4. Connect, Click on Open.
how to connect to server terminal using putty

Step 2: Turn Off EMQX allow_anonymous

By default, allow anonymous access in emqx is true, means anyone with server IP address can get access to MQTT Broker and read all the message, To secure it we need to Turn of anonymous access by just setting allow_anonymous to false.

To do so, we need to edit emqx.conf file.

open emqx.conf by using any ubuntu editor, I use vim editor. run below command to open the file.

sudo vim /etc/emqx/emqx.conf

This will open the file in terminal itself, use arrow key and search for allow_anonymous and set it to false as show below.

now by pressing Esc > :wq save the file.

Step 3: Config mnesia Authentication

As I said above, We will use mnesia auth plugin to secure auth to mqtt broker.

For that we must config emqx_auth_mnesia.conf file and add Username Authenticatiion in EMQX.

Open emqx_auth_mnesia.conf by running below cmd:

sudo vim /etc/emqx/plugins/emqx_auth_mnesia.conf
secure mqtt using mnesia username password authentication
secure mqtt using mnesia username password authentication

now by pressing Esc > :wq save the file.

Step 4: Active / Load EMQX mnesia Authentication

Now run below cmd to load mnesia emqx auth plugin:

emqx_ctl plugins load emqx_auth_mnesia
emqx_ctl plugins load emqx_auth_mnesia
emqx_ctl plugins load emqx_auth_mnesia

We have now successfully secure our MQTT Message Broker i.e EMQX.

Step 5: Restart EMQX

Now, After adding auth security to EMQX, We need to Restart it.

sudo emqx restart
emqx restart

Step 6: Connect to EMQX using MQTT-spy tool

I am using mqtt-spy tool to get connected to my mqtt broker and watch to the incoming message in queue.

Here are screenshot how to connect to EMQX broker.

Here in connectivity enter server URL or IP Address
EMQX secure access, enable user authentication and enter username & password

DONE, Finally We have secured our EMQX by adding username & Password Authentication using mnesia emqx auth plugin.

Video Tutorial on youtube on EMQX security