Setup Username and Password Authentication for Mosquitto Broker on Raspberry Pi

Setup Username and Password Authentication for Mosquitto Broker on Raspberry Pi

By default, Mosquitto broker allows anonymous connections. Mosquitto broker can be configured to require username and password when client connects to the broker. This tutorial shows how to setup username and password authentication for Mosquitto broker on Raspberry Pi.

We can create the password file using mosquitto_passwd tool. File path is provided as first argument and username is provided as second argument. The -c option means that new password file will be created. Execute the following command and enter a password for the user:

sudo mosquitto_passwd -c /etc/mosquitto/credentials myuser

Now we need to modify Mosquitto configuration file.

sudo nano /etc/mosquitto/mosquitto.conf

Add the following lines at the end of mosquitto.conf file:

allow_anonymous false
password_file /etc/mosquitto/credentials

If we made changes to the configuration file, we need to restart the Mosquitto broker.

sudo service mosquitto restart

Now we need to provide the username and password in order to connect to Mosquitto broker.

Username and Password Authentication for Mosquitto Broker

The 2 Comments Found

  1. Avatar
    Tom Reply

    Dear Sir, I need a clarification if possible: I have already entered in Mosquitto the password, what I can not understand is how to enter a new password (to replace the previous one). Basically, the first time I installed Mosquitto on the Raspberry, after editing the configuration file mosquitto.conf adding among the other strings these:
    allow_anonymous false
    password_file /etc/mosquitto/passwords

    I created the password with these commands:
    cd /etc/mosquitto
    sudo mosquitto_passwd -c passwords mqtt_user

    (instead of mqtt_user I put one of my personal user) and then in terminal I see a request to enter a password, now I do not know if to enter a new password, I have to repeat the commands above:
    cd /etc/mosquitto
    sudo mosquitto_passwd -c passwords mqtt_user

    or do another procedure. Thanks a lot for your help
    Good night
    Tom

    • Avatar
      lindevs Reply

      The -c option creates a new password file or overwrites it if already exists. If you want to change user password, you should execute mosquitto_passwd command without -c option. Command will prompt you to provide a new password two times. When you finished, don't forget to restart Mosquitto service.
      sudo mosquitto_passwd /etc/mosquitto/passwords mqtt_user
      sudo service mosquitto restart

Leave a Comment

Cancel reply

Your email address will not be published.