From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | Andrew Dunstan <andrew(at)dunslane(dot)net>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Paul Tillotson <pntil(at)shentel(dot)net>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
Date: | 2005-04-21 22:20:05 |
Message-ID: | 200504212220.j3LMK5P00256@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Stephen Frost wrote:
-- Start of PGP signed section.
> * Andrew Dunstan (andrew(at)dunslane(dot)net) wrote:
> > The docs say: "only md5 supports encrypted passwords stored in
> > pg_shadow; the other two require unencrypted passwords to be stored
> > there." So either your assertion that 'password' auth does not imply
> > plaintext password storage is wrong, or the docs are.
>
> The docs are wrong. Sorry, I knew that and forgot to mention it
> explicitly previously. Using 'password' in pg_hba.conf while using
> 'with encrypted password'/md5 in pg_shadow works just fine.
>
> Just tested here to make 100% sure, under 8.0.1.
I see the documentation is slightly confusing. I have applied this
patch to HEAD and 8.0.X to clarify it.
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
Attachment | Content-Type | Size |
---|---|---|
unknown_filename | text/plain | 1.2 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Thomas Hallgren | 2005-04-21 22:24:26 | Returning a RECORD, not SETOF RECORD |
Previous Message | Simon Riggs | 2005-04-21 20:29:53 | Re: Problem with PITR recovery |