Error Message in DBeaver connecting using jdbc: Public Key Retrieval is not allowed

Fixing “Public Key Retrieval is not allowed” Error in MySQL with DBeaver

 

If you are trying to connect MySQL 8+ with DBeaver and suddenly see this frustrating error:

❌ Public Key Retrieval is not allowed

Don’t worry — this is a very common issue and the fix is simple once you understand why it happens.

---

🔍 Why This Error Occurs

MySQL 8 uses a new authentication method called:

caching_sha2_password

For security reasons, Java-based tools like DBeaver (which use JDBC drivers) refuse to automatically fetch the public key from the server unless you explicitly allow it.

So when DBeaver tries to connect, it fails with:

Public Key Retrieval is not allowed

This is not a server crash, not a firewall issue, and not a wrong password problem — it’s just a security restriction in the driver.

---

✅ The Quick & Easy Fix (Recommended for Local/LAN Use)

Step 1: Open your connection in DBeaver

• Right-click your MySQL connection → Edit Connection

Step 2: Go to Driver Properties

Add or set these two properties:

Property	Value
allowPublicKeyRetrieval	true
useSSL	false

Step 3: Click Test Connection → Finish

That’s it. Your connection should work immediately.

---

🧠 What This Setting Does

• allowPublicKeyRetrieval=true → Allows the client to fetch the MySQL public key securely.

• useSSL=false → Disables SSL (fine for local or LAN setups).

---

🛡️ Permanent & Cleaner Fix (Server Side – Best for Production)

Instead of changing client settings everywhere, you can switch the MySQL user to the old compatible authentication method:

Login to MySQL:

sudo mysql

Run:

ALTER USER 'shashwat'@'%' IDENTIFIED WITH mysql_native_password BY 'YourPassword';
ALTER USER 'shashwat'@'localhost' IDENTIFIED WITH mysql_native_password BY 'YourPassword';
FLUSH PRIVILEGES;

Now you can connect from DBeaver without any special options.

---

🔎 Check Which Auth Plugin Your User Uses

SELECT user, host, plugin FROM mysql.user WHERE user='shashwat';

If it shows:

mysql_native_password

You’re fully compatible with all tools.

---

⚠️ Security Note

• Using allowPublicKeyRetrieval=true is safe on local network

• Do NOT expose MySQL directly to the internet without:

  • Firewall

  • SSL

  • IP restrictions

---

🏁 Conclusion

This error looks scary, but it’s actually:

✅ A client-side security restriction, not a server failure.

Once you fix it, MySQL + DBeaver works perfectly.

#MySQL #DBeaver #Database #SQL #BackendDevelopment #Java #JDBC #DevOps #Linux #Ubuntu #ServerManagement #WebDevelopment #ErrorFix #TechTips #Programming #DatabaseAdministration #FullStack #Coding #Troubleshooting #SelfHosted