| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Nigel J(dot) Andrews" <nandrews(at)investsystems(dot)co(dot)uk> |
| Cc: | "Robert C(dot) Paulsen Jr(dot)" <robert(at)paulsenonline(dot)net>, pgsql-general(at)postgresql(dot)org |
| Subject: | Re: crypt vs password in pg_hba.conf |
| Date: | 2003-06-15 04:42:38 |
| Message-ID: | 10818.1055652158@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
"Nigel J. Andrews" <nandrews(at)investsystems(dot)co(dot)uk> writes:
> Check the syntax for the alter user statement, whereever it says you may use
> the word ENCRYPTED use it and you should then be able to use 'crypt' in the
> pg_hba.conf.
Actually I think this advice is backwards. If you want to use crypt
authentication mode then you have to store *unencrypted* passwords in
pg_shadow, because encrypted passwords will be stored using MD5
encryption which is not compatible with crypt-style encryption.
But probably better advice is "don't use crypt auth mode, use md5".
The crypt mode is only still there to support legacy clients that
haven't been updated to handle md5 yet.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2003-06-15 05:05:44 | Re: Unknown kind of return type specified for function |
| Previous Message | Sven Köhler | 2003-06-15 00:20:44 | Re: full featured alter table? |