By default, Mosquitto broker allows anonymous connections. Mosquitto broker can be configured to require username and password when client connects to the broker. This tutorial shows how to setup username and password authentication for Mosquitto broker on Raspberry Pi.
We can create the password file using
mosquitto_passwd tool. File path is provided as first argument and username is provided as second argument. The
-c option means that new password file will be created. Execute the following command and enter a password for the user:
sudo mosquitto_passwd -c /etc/mosquitto/credentials myuser
Now we need to modify Mosquitto configuration file.
sudo nano /etc/mosquitto/mosquitto.conf
Add the following lines at the end of
allow_anonymous false password_file /etc/mosquitto/credentials
If we made changes to the configuration file, we need to restart the Mosquitto broker.
sudo service mosquitto restart
Now we need to provide the username and password in order to connect to Mosquitto broker.