Re: MD5 password issue

Hi Tom,

Tom Lane schrieb:
> Andreas Wenk <a(dot)wenk(at)netzmeister-st-pauli(dot)de> writes:
>> In pg_hba.conf we have:
>
>> # TYPE DATABASE USER CIDR-ADDRESS METHOD
>
>> # "local" is for Unix domain socket connections only
>> local all all ident sameuser
>
>> # IPv4 local connections:
>> host all all 127.0.0.1/32 md5
>> host all all 192.168.97.0/24 md5
>
>> Now the question: why is the user pgadmin able to connect to the database using pgAdmin
>> III from 192.168.97.30? That sould not be possible ... or am I wrong?
>
> Why shouldn't it be possible? You've specifically allowed connections
> from that IP range.

Yes thats correct with the IP address range. Maybe I did not understand
the auth concept yet. I thought, that with METHOD set to md5, a md5
hashed password is required. The password is submitted with the PHP 5
pg_connect function - as plain text.

> (If you're wondering why he didn't have to type his password,
> it's likely because pgAdmin is getting it out of ~/.pgpass or
> some private settings file.)
>
> regards, tom lane

Also to Peter. It is like that - the pasword is stored in ~/.pgpass as
expected.

So maybe the better question is: what is the difference between METHOD
password and md5? As I assume now because of your answers, it has
nothing to do with either the password is md5 hashed or not?

Thanks to everybody!

cheers

Andy

--

St.Pauli - Hamburg - Germany

Andreas Wenk