Re: Can we stop defaulting to 'ident'?

From: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
To: Christoph Berg <myon(at)debian(dot)org>, Devrim Gündüz <devrim(at)gunduz(dot)org>, Stephen Frost <sfrost(at)snowman(dot)net>, Craig Ringer <craig(at)2ndquadrant(dot)com>, pgsql-pkg-yum <pgsql-pkg-yum(at)postgresql(dot)org>
Subject: Re: Can we stop defaulting to 'ident'?
Date: 2020-05-20 14:49:35
Message-ID: 3a7d55ed-6abb-2005-23d7-8411bb9f5651@2ndquadrant.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-pkg-debian pgsql-pkg-yum

On 2020-05-20 15:40, Christoph Berg wrote:
> Re: Peter Eisentraut
>> The upstream default is still to use md5 passwords by default, and some
>> deliberation has gone into that to keep it that way. So it would make sense
>> to have the RPMs also do that. The Debian packages also still use md5.
>> Some consistency across the board would be good. Otherwise it will be very
>> confusing for users if everyone just goes into their own direction.
>
> The upstream initdb default is still 'trust', but everyone agrees that
> it's good that distributions are changing that so something more
> secure, so we are already disconnected from the "true" default here.

Sorry, I should have been more clear. The upstream default of the GUC
parameter "password_encryption" is md5.

It is understood that the default client authentication method can be
changed downstream.

--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to

Responses

Browse pgsql-pkg-debian by date

  From Date Subject
Next Message Stephen Frost 2020-05-20 14:57:52 Re: Can we stop defaulting to 'ident'?
Previous Message Stephen Frost 2020-05-20 14:45:04 Re: Can we stop defaulting to 'ident'?

Browse pgsql-pkg-yum by date

  From Date Subject
Next Message Stephen Frost 2020-05-20 14:57:52 Re: Can we stop defaulting to 'ident'?
Previous Message Stephen Frost 2020-05-20 14:45:04 Re: Can we stop defaulting to 'ident'?