Documentation Home
MySQL 8.0 Reference Manual
Related Documentation Download this Manual
PDF (US Ltr) - 40.3Mb
PDF (A4) - 40.4Mb
PDF (RPM) - 39.7Mb
HTML Download (TGZ) - 10.5Mb
HTML Download (Zip) - 10.5Mb
HTML Download (RPM) - 9.0Mb
Man Pages (TGZ) - 244.1Kb
Man Pages (Zip) - 349.3Kb
Info (Gzip) - 3.8Mb
Info (Zip) - 3.8Mb
Excerpts from this Manual

MySQL 8.0 Reference Manual  /  ...  /  ndbxfrm — Compress, Decompress, Encrypt, and Decrypt Files Created by NDB Cluster

23.4.31 ndbxfrm — Compress, Decompress, Encrypt, and Decrypt Files Created by NDB Cluster

The ndbxfrm utility, introduced in NDB 8.0.22, can be used to decompress, decrypt, and output information about files created by NDB Cluster that are compressed, encrypted, or both. It can also be used to compress or encrypt files.

Table 23.49 Command-line options for the ndbxfrm program

Format Description Added, Deprecated, or Removed



Compress file

ADDED: NDB 8.0.22


Use this password to decrypt file

ADDED: NDB 8.0.22



Number of iterations used in key definition

ADDED: NDB 8.0.22


Use this password to encrypt file

ADDED: NDB 8.0.22



Print usage information

ADDED: NDB 8.0.22



Print file information

ADDED: NDB 8.0.22



Prints usage information; synonym for --help

ADDED: NDB 8.0.22



Output version information

ADDED: NDB 8.0.22


ndbxfrm --info file[ file ...]

ndbxfrm --compress input_file output_file

ndbxfrm --decrypt-password=password input_file output_file

ndbxfrm [--encrypt-ldf-iter-count=#] --encrypt-password=password input_file output_file

input_file and output_file cannot be the same file.


  • --compress, -c

    Compresses the input file, using the same compression method as is used for compressing NDB Cluster backups, and writes the output to an output file. To decompress a compressed NDB backup file that is not encrypted, it is necessary only to invoke ndbxfrm using the names of the compressed file and an output file (with no options required).

  • --decrypt-password=password

    Decrypts a file encrypted by NDB using the password supplied.

  • --encrypt-kdf-iter-count=#, -k #

    When encrypting a file, specifies the number of iterations to use for the encryption key. Requires the --encrypt-password option.

  • --encrypt-password=password

    Encrypts the backup file using the password supplied by the option. The password must meet the requirements listed here:

    • Uses any of the printable ASCII characters except !, ', ", $, %, \, and ^

    • Is no more than 256 characters in length

    • Is enclosed by single or double quotation marks

    It is possible but not recommended to use an empty password ('' or "").

  • --help, -?

    Prints usage information for the program.

  • --info, -i

    Prints the following information about one or more input files:

    • The name of the file

    • Whether the file is compressed (compression=yes or compression=no)

    • Whether the file is encrypted (encryption=yes or encryption=no)


    shell> ndbxfrm -i BACKUP-10-0.5.Data BACKUP-10.5.ctl BACKUP-10.5.log
    File=BACKUP-10-0.5.Data, compression=no, encryption=yes
    File=BACKUP-10.5.ctl, compression=no, encryption=yes
    File=BACKUP-10.5.log, compression=no, encryption=yes
  • --usage, -?

    Synonym for --help.

  • --version, -V

    Prints out version information.

ndbxfrm can encrypt backups created by any version of NDB Cluster. The .Data, .ctl, and .log files comprising the backup must be encrypted separately, and these files must be encrypted separately for each data node. Once encrypted, such backups can be decrypted only by ndbxfrm, ndb_restore, or ndb_print_backup from NDB Cluster 8.0.22 or later.

An encrypted file can be re-encrypted with a new password using the --encrypt-password and --decrypt-password options together, like this:

ndbxfrm --decrypt-password=old --encrypt-password=new input_file output_file

In the example just shown, old and new are the old and new passwords, respectively; both of these must be quoted. The input file is decrypted and then encrypted as the output file. The input file itself is not changed; if you do not want it to be accessible using the old password, you must remove the input file manually.

ndbxfrm does not take any of the options shown in Section 23.4.32, “Options Common to NDB Cluster Programs — Options Common to NDB Cluster Programs”, other than those explicitly listed in this section (that is, --help, --usage, and --version).