Re: 7.3.1: Using phpPgAdmin with crypt

From: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: Robert Fitzpatrick <robert(at)webtent(dot)com>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: 7.3.1: Using phpPgAdmin with crypt
Date: 2002-12-30 03:02:58
Message-ID: 200212300302.gBU32wn10255@candle.pha.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

Robert Fitzpatrick wrote:
> Since upgrading to 7.3.1, our phpPgAdmin does not seem to accept the
> 'crypt' method for client authentication. This worked fine prior to the
> upgrade, now it seems our only option is plain text password. We've also
> tried md5 to no avail.
>
> Has anyone experienced this problem or know what changed in 7.3.1 that
> would affect this?

This is a known problem. We went with MD5-encrypted passwords stored in
pg_shadow in 7.3, and once we did that, we can't do 'crypt' anymore.
This should have been mentioned in the release notes, but I see nothing
there (shame on me). (I even managed to break 'password' in 7.3 but got
that fixed in 7.3.1.) Fortunately, we haven't gotten many complaints,
and that is probably because we encouraged MD5 use in 7.2, so most of
the folks were already using MD5 when we deprecated crypt in 7.3.

So, right now, crypt is pretty much useless except to support pre-7.2
clients, _and_ to use it, you have to disable password_encryption in
pg_hba.conf before you load in your user passwords to even use crypt.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073

In response to

Browse pgsql-general by date

  From Date Subject
Next Message yanggui 2002-12-30 03:08:02 Inquiry From Form [pgsql]
Previous Message David Busby 2002-12-30 02:39:15 Fixed: Trouble with readline compiling on Redhat 8.0