From: | Holger Jakobs <holger(at)jakobs(dot)com> |
---|---|
To: | pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | Re: Upgrading password encryption from md5 to scram-sh-256 |
Date: | 2021-05-28 14:41:21 |
Message-ID: | 024F93BC-DB7C-4E00-8D46-5D7033CB0929@jakobs.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Am 28. Mai 2021 15:27:43 MESZ schrieb Nikhil Shetty <nikhil(dot)dba04(at)gmail(dot)com>:
>Hi Team,
>
>Just a quick check
>As per documentation, for upgrading password encryption from md5 to
>scram-sha-256, we have to set password_encryption to scram-sha-256,
>reset
>the user password and then change in pg_hba.conf.
>
>Is there any other way to do this without changing the password? if
>there
>are a lot of login users in the database it becomes difficult and it
>may
>incur downtime as well.
>
>I see there is a way the users can do it by themselves but still will
>incur some downtime.
>
>Thanks and Regards,
>Nikhil
It's no problem to leave the setting at md5 as this accepts the new scram passwords as well.
Just check after a while whether all passwords have been changed to scram.
Since there is no way of retrieving a password in clear it's also impossible to change them to scram automatically.
Hope this helps.
--
Holger Jakobs, Bergisch Gladbach
+49 178 9759012
- sent from mobile, therefore short -
From | Date | Subject | |
---|---|---|---|
Next Message | Jonathan Katz | 2021-05-28 14:52:27 | Re: Upgrading password encryption from md5 to scram-sh-256 |
Previous Message | Laurenz Albe | 2021-05-28 14:29:10 | Re: Upgrading password encryption from md5 to scram-sh-256 |