11

I successfully granted REQUIRE SSL to a single user by doing...

mysql -u"${targetMySqlUser}" -p"${targetMySqlPass}" -e "GRANT USAGE ON dbname.* TO 'dbusername'@'%' REQUIRE SSL;"

but I'm failing at REMOVING or REVOKING this flag from the user using revoke. I guess I'm fighting with the syntax. Is there a proper way to remove it with the "revoke" command, without revoking the whole permission?

The MySQL 5.5 manual, this site and the interwebs haven't helped me find a proper counter-way yet.

This SQL statement will work.

UPDATE mysql.user SET ssl_type = '' WHERE ssl_type = 'any' ; FLUSH PRIVILEGES;

but I believe where there is a GRANT REQUIRE SSL there must be a REVOKE REQUIRE SSL, isn't there?

RolandoMySQLDBA
Axel Werner

2 Answers

11

What you are looking for does not exist in MySQL 5.5

Unfortunately, the ALTER USER command for MySQL 5.6 is limited. All you can do is

ALTER USER user@host PASSWORD EXPIRE;

In MySQL 5.7, you could run the ALTER USER command as follows

ALTER USER user@host REQUIRE NONE;

When it comes to MySQL 5.5, you did it the most expedient way possible. Great!!!

A more politically correct way would have been to do the following:

DROP USER user@host;
CREATE USER user@host;
GRANT ... on ... TO user@host IDENTIFIED BY '...';

Otherwise, I commend you for doing what was needed.

RolandoMySQLDBA
  • Good answer for various MySQL versions. For MySQL 5.6, [@Abey's solution](https://dba.stackexchange.com/a/182337/149697) does not require dropping and re-creating users. – mxxk Apr 22 '18 at 16:42
8

This was one of the Google results when I wanted to remove REQUIRE SSL on a MySQL user that I enforced. What I did was do REQUIRE NONE on USAGE:

GRANT USAGE ON dbname.* TO 'dbusername'@'%' REQUIRE NONE;

Verify if the settings have been changed by running

SHOW GRANTS FOR 'dbusername'@'%' ;

Worked on MySQL 5.6

Abey
  • Worked like a charm on MySQL 5.6. Elegant and simple :) – mxxk Apr 22 '18 at 16:35
  • What version of MySQL are you using? I am using MySQL version 5.7.22. SHOW GRANTS doesn't mention SSL - https://stackoverflow.com/questions/56203365/how-to-check-if-a-user-requires-ssl-in-mysql – committedandroider May 18 '19 at 22:39
  • `ALTER USER` is probably best for newer versions of MySQL/MariaDB but `GRANT ... REQUIRE NONE` is required on older versions. – Christopher Schultz Nov 12 '20 at 16:32
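
The version-specific options from this thread, collected as an added example (not code from any of the posts above). It scopes the direct table update to the single account 'dbusername'@'%' used on this page, because the statement in the question clears the flag on every account whose ssl_type is 'any', and it adds checks for the result. Run only the variant that matches your server version.

```sql
-- Added example. 'dbusername'@'%' and dbname are the names used on this page.

-- 1. Audit before changing anything: which accounts carry a TLS requirement?
--    ssl_type is '' (REQUIRE NONE), 'ANY' (REQUIRE SSL), 'X509' or 'SPECIFIED'.
SELECT user, host, ssl_type
FROM mysql.user
ORDER BY ssl_type, user, host;

-- 2a. MySQL 5.5, direct table edit as in the question, limited to one account.
--     Matching on user AND host leaves every other account's requirement intact.
UPDATE mysql.user
SET ssl_type = ''
WHERE user = 'dbusername'
  AND host = '%'
  AND ssl_type = 'ANY';
FLUSH PRIVILEGES;  -- needed because the grant table was edited directly

-- 2b. MySQL 5.6, as in the second answer: re-issue the grant with REQUIRE NONE.
GRANT USAGE ON dbname.* TO 'dbusername'@'%' REQUIRE NONE;

-- 2c. MySQL 5.7, as in the first answer.
ALTER USER 'dbusername'@'%' REQUIRE NONE;

-- 3. Verify the single account.
--    Works on every version discussed here:
SELECT user, host, ssl_type
FROM mysql.user
WHERE user = 'dbusername' AND host = '%';

--    MySQL 5.5 / 5.6: the REQUIRE clause is shown in the grants.
SHOW GRANTS FOR 'dbusername'@'%';

--    MySQL 5.7: SHOW GRANTS no longer lists the requirement,
--    SHOW CREATE USER does (REQUIRE NONE / REQUIRE SSL / ...).
SHOW CREATE USER 'dbusername'@'%';

-- 4. From a session logged in as that user: an empty Ssl_cipher value
--    means the connection is not encrypted.
SHOW SESSION STATUS LIKE 'Ssl_cipher';
```

With the requirement removed, the server accepts unencrypted logins for that account, so step 4 is the check that shows what a given client actually negotiated.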