Each slave connects to the master using a MySQL user name and
password, so there must be a user account on the master that the
slave can use to connect. The user name is specified by the
MASTER_USER option on the
MASTER TO command when you set up a replication slave.
Any account can be used for this operation, providing it has
been granted the
SLAVE privilege. You can choose to create a different
account for each slave, or connect to the master using the same
account for each slave.
Although you do not have to create an account specifically for replication, you should be aware that the replication user name and password are stored in plain text in the master info repository file or table (see Section 184.108.40.206, “Slave Status Logs”). Therefore, you may want to create a separate account that has privileges only for the replication process, to minimize the possibility of compromise to other accounts.
To create a new account, use
USER. To grant this account the privileges required
for replication, use the
statement. If you create an account solely for the purposes of
replication, that account needs only the
REPLICATION SLAVE privilege. For
example, to set up a new user,
repl, that can
connect for replication from any host within the
example.com domain, issue these statements on
mysql> CREATE USER 'repl'@'%.example.com' IDENTIFIED BY 'password'; mysql> GRANT REPLICATION SLAVE ON *.* TO 'repl'@'%.example.com';
See Section 13.7.1, “Account Management Statements”, for more information on statements for manipulation of user accounts.