Re: You're on SecurityFocus.com for the cleartext passwords.

> > The additional random salt prevents someone from sniffing
> > the communication between client and server and then simply log in by
> > sending the known hash of the password. The challenge-response means that
> > sniffing one login doesn't allow you to fake the next one.
>
> How so? The server sends out one fixed salt (the one stored for that
> user's password in pg_shadow) and one randomly-chosen salt. The client
> sends back two crypted passwords. The server can check one of them.
> What can it do with the other? Nothing that I can see, so where is the
> security gain? A sniffer can still get in by sending back the same
> pair of crypted passwords next time, no matter what random salt is
> presented.

No, you crypt the user-supplied password twice.

'fred' -> crypt with fixed -> crypt with random

Server does:

pg_shadow password -> crypt with random

Then check to see they match.

Does that help?

--
Bruce Momjian | http://www.op.net/~candle
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026