| From: | Shaun Thomas <sthomas(at)optionshouse(dot)com> |
|---|---|
| To: | PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Securing .pgpass File? |
| Date: | 2012-10-01 15:32:11 |
| Message-ID: | 5069B77B.7040008@optionshouse.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hey,
So, I've searched around through the archives, and it seems this has
come up a couple times in the past. But one scenario that was never
explored was when using one .pgpass file in a cluster of servers, in
which case it makes sense to save it in source control, or something
like puppet/bcfg. So my question is this:
Has anyone come up with a good solution for distributing a .pgpass file
that doesn't expose it to anyone who has access to the distribution
mechanism?
I ask because several people can access and make pull requests to our
configuration management system, but except for .pgpass, none of these
files contain plain-text passwords. We have dozens of systems running
PostgreSQL, and manually setting up each one is a waste of time; we have
configuration management for a reason.
Am I just missing something, here?
Thanks, everyone!
--
Shaun Thomas
OptionsHouse | 141 W. Jackson Blvd. | Suite 500 | Chicago IL, 60604
312-444-8534
sthomas(at)optionshouse(dot)com
______________________________________________
See http://www.peak6.com/email_disclaimer/ for terms and conditions related to this email
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Merlin Moncure | 2012-10-01 16:22:03 | Re: What's faster? BEGIN ... EXCEPTION or CREATE TEMP TABLE IF NOT EXISTS? |
| Previous Message | Moshe Jacobson | 2012-10-01 15:21:41 | Re: What's faster? BEGIN ... EXCEPTION or CREATE TEMP TABLE IF NOT EXISTS? |