| From: | Shaun Thomas <sthomas(at)optionshouse(dot)com> |
|---|---|
| To: | Greg Sabino Mullane <greg(at)turnstep(dot)com>, <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Securing .pgpass File? |
| Date: | 2012-10-03 13:38:04 |
| Message-ID: | 506C3FBC.7000409@optionshouse.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 10/02/2012 04:19 PM, Martijn van Oosterhout wrote:
> - Punt. Check in the password but set the access controls so it only
> work for very few IPs, then you only need to worry about people who
> can log into *those* machines. Which is controlled by public SSH
> keys which you can check-in safely. Not super safe, but for
> read-only accounts for e.g. nagios might be ok.
I think this is the right answer for us. :) I'll just go through each
specialized user we have now (replication, performance metrics, slony)
and make IP->IP locked-down cases for all of them.
It just feels wrong, somehow. :)
Thanks again, everyone!
--
Shaun Thomas
OptionsHouse | 141 W. Jackson Blvd. | Suite 500 | Chicago IL, 60604
312-444-8534
sthomas(at)optionshouse(dot)com
______________________________________________
See http://www.peak6.com/email_disclaimer/ for terms and conditions related to this email
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Leonardo M. Ramé | 2012-10-03 14:21:57 | Upgrading 8.3-rc1 to 8.3.20 |
| Previous Message | Shaun Thomas | 2012-10-03 13:33:36 | Re: Replication err |