Introduction
Mosquitto is an open-source message broker implementing the Message Queuing Telemetry Transport (MQTT) protocol. To install MQTT Broker on Ubuntu 24.04, you can take advantage of MQTT’s lightweight TCP/IP messaging platform, which is designed for Internet of Things (IoT) devices with minimal resources, such as low bandwidth or short battery life. Mosquitto relies on a publish-subscribe (pub/sub) topology, where publishers send messages to the broker and subscribers receive messages through a channel.
This article explains how to install MQTT Broker on Ubuntu 24.04. You'll also manage topics and secure the Mosquitto server with a password.
Prerequisites
Before you begin:
- Deploy an Ubuntu 24.04 instance on Vultr.
- Configure a non-root user with sudo privileges.
- Update the instance.
Install Mosquitto MQTT Broker on Ubuntu 24.04
Mosquitto is available in the default package repositories on Ubuntu 24.04. Follow the steps below to install MQTT Broker on Ubuntu 24.04.
Install the Mosquitto package.
console$ sudo apt install -y mosquitto
Verify the new Mosquitto version.
console$ mosquitto -v
Output:
1730087147: mosquitto version 2.0.18 starting 1730087147: Using default config. 1730087147: Starting in local only mode. Connections will only be possible from clients running on this machine. 1730087147: Create a configuration file which defines a listener to allow remote access.
Manage the Mosquitto System Service
Mosquitto runs as a system service under mosquitto. Follow the steps below to manage the service using the systemctl command.
View the
mosquittoservice status and verify it's active.console$ sudo systemctl status mosquitto
Output:
● mosquitto.service - Mosquitto MQTT Broker Loaded: loaded (/usr/lib/systemd/system/mosquitto.service; enabled; preset: enabl> Active: active (running) since Fri 2024-10-25 06:51:37 UTC; 12min ago Docs: man:mosquitto.conf(5) man:mosquitto(8) ...Stop the
mosquittoservice.console$ sudo systemctl stop mosquitto
Start the
mosquittoservice.console$ sudo systemctl start mosquitto
Restart the
mosquittoservice.console$ sudo systemctl restart mosquitto
Install and Test the Mosquitto Clients
Publishers and subscribers can connect to a Mosquitto server and exchange messages using the Mosquitto command-line interface. Follow the steps below to install the package.
Install the
mosquitto-clientspackage.console$ sudo apt install -y mosquitto-clients
Subscribe to a topic, such as
home/sensor/temperatureby running the following command as a background process.console$ mosquitto_sub -t "home/sensor/temperature" &
Output:
23.5Publish a new message to the
home/sensor/temperaturetopic and set the value to30.5.console$ mosquitto_pub -t "home/sensor/temperature" -m "30.5" -q 1 -r
Output:
30.5 30.5Publish another message and set the value to
45.2.console$ mosquitto_pub -t "home/sensor/temperature" -m "45.2" -q 1 -r
Output:
45.2 45.2View all active background jobs and note the
mosquitto_subjob ID.console$ jobs
Output:
[1] Running mosquitto_sub -t "home/lights/sitting_room" &Stop the job by specifying the ID.
console$ kill %1
Output:
[1] Done mosquitto_sub -t "home/lights/sitting_room" &
Secure the Mosquitto Server
By default, Mosquitto allows clients to connect without any form of authentication. Follow the steps below to enable password-based authentication that requires clients to connect using a username and a password.
Create a new
default.confconfiguration in the/etc/mosquitto/conf.ddirectory.console$ sudo nano /etc/mosquitto/conf.d/default.conf
Add the following configurations to the
/etc/mosquitto/conf.d/default.conffile to disable anonymous connections and allow Mosquitto to read the/etc/mosquitto/passwdcredentials file.iniallow_anonymous false password_file /etc/mosquitto/passwd
Save and close the file.
Open the
/etc/mosquitto/passwdauthentication file.console$ sudo nano /etc/mosquitto/passwd
Add the following user credentials to the file. Replace
EXAMPLE_PASSWORDandSTRONG_PASSWORDwith your desired values.inijohn_doe:EXAMPLE_PASSWORD mary_smith:STRONG_PASSWORD
Save and close the file.
Encrypt the plain users' passwords using the
mosquitto_passwdutility.console$ sudo mosquitto_passwd -U /etc/mosquitto/passwd
View the
/etc/mosquitto/passwdfile to verify you've encrypted the passwords.console$ sudo cat /etc/mosquitto/passwd
Output:
john_doe:$6$TSzNycsj...5Qyvgd4g== mary_smith:$6$DtlKf1lG.../rLHIL0Q==Restart the
mosquittoservice to apply the configuration changes.console$ sudo systemctl restart mosquitto
Subscribe to the
/home/sensor/temperaturetopic using a valid username and password. For example,john_doeandEXAMPLE_PASSWORD.console$ mosquitto_sub -u john_doe -P EXAMPLE_PASSWORD -t "/home/sensor/temperature"
Publish a new message to the
/home/sensor/temperaturetopic.console$ mosquitto_pub -u john_doe -P EXAMPLE_PASSWORD -t "home/sensor/temperature" -m "22.5" -q 1 -r
Output:
22.5View all active background jobs and note the
mosquitto_subjob ID.console$ jobs
Output:
[1] Running mosquitto_sub -u john_doe -P EXAMPLE_PASSWORD -t "home/lights/sitting_room" &Stop the topic by specifying the job ID.
console$ kill %1
Output:
[1] Done mosquitto_sub -u john_doe -P EXAMPLE_PASSWORD -t "home/lights/sitting_room" &Try subscribing to the
/home/sensor/temperaturetopic using incorrect credentialsconsole$ mosquitto_pub -u john_doe -P VERY_WRONG_PASSWORD -t "home/sensor/temperature" -m "22.5" -q 1 -r
Output:
Connection error: Connection Refused: not authorised. Error: The connection was refused.The above output shows the connection fails because Mosquitto can't authorize the user.
Conclusion
You have installed Mosquitto MQTT Broker on Ubuntu 24.04, enabled password authentication, and run pub/sub samples to the broker. You can integrate Mosquitto with modern programming languages like Python, PHP, Ruby, and Golang to create IoT applications.