Setting up Authentication in Mosquitto MQTT Broker

Eclipse Mosquitto is an open source (EPL/EDL licensed) message broker that implements the MQTT protocol versions 3.1 and 3.1.1. Mosquitto is lightweight and is suitable for use on all devices from low power single board computers to full servers.

The MQTT protocol provides a lightweight method of carrying out messaging using a publish/subscribe model. This makes it suitable for Internet of Things messaging such as with low power sensors or mobile devices such as phones, embedded computers or microcontrollers.

The Mosquitto project also provides a C library for implementing MQTT clients, and the very popular mosquitto_pub and mosquitto_sub command line MQTT clients.

Mosquitto is one of the most famous MQTT broker. Its very easy to install and easy to use. After reading many articles and answers, following are the steps I found to make it work.

You May Also Like- How To Create Secure MQTT Broker

DOWNLOAD

Mosquitto is highly portable and available for a wide range of platforms. Go to the dedicated download page to find the source or binaries for your platform.

Setting up Authentication in Mosquitto MQTT Broker

1. Install the latest Mosquitto distribution.

Run following commands,

wget http://repo.mosquitto.org/debian/mosquitto-repo.gpg.key
sudo apt-key add mosquitto-repo.gpg.key
cd /etc/apt/sources.list.d/
sudo wget http://repo.mosquitto.org/debian/mosquitto-wheezy.list
sudo apt-get update
sudo apt-get install mosquitto

2. If you have just installed the Mosquitto broker, make sure its stopped (to be in the safe side)

sudo stop mosquitto

3. Creating the new password file

Password file will contain your username and the encrypted password. Run the following command to create and add a user to this file.

sudo mosquitto_passwd -c /etc/mosquitto/passwd <user_name>

Then, you will be asked for your password twice, enter that too.

4. Now we have to give the location of the password file to the Mosquitto broker config file. So open the mosquitto.conf file using the following command,

sudo gedit /etc/mosquitto/mosquitto.conf

And add following two entries to the mosquitto.conf file,

password_file /etc/mosquitto/passwd
allow_anonymous false

• “allow_anonymous false” is used to prevent, clients without username and password to connecting to the broker.

5. Now start the broker with the following command,

mosquitto -c /etc/mosquitto/mosquitto.conf

6. If you need to verify the authentication, you can use following command, (you have to install mosquitto clients to do this)

mosquitto_sub -h localhost -p 1883 -t myTopic -u <user_name> -P <password>