| From: | Felipe Gasper <felipe(at)felipegasper(dot)com> |
|---|---|
| To: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Temporarily suspend a user account? |
| Date: | 2015-02-06 22:10:11 |
| Message-ID: | 54D53BC3.3050807@felipegasper.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 6 Feb 2015 4:04 PM, Michael Nolan wrote:
>
> Encrypted passwords are kept in the pg_shadow file and should start with 'md5'.
>
> Just save a copy of the encrypted password for that user and when you
> want to re-enable that user do:
>
> alter user xxx encrypted password 'md5xxxxxxxx';
>
> I have tested this on 9.3.5.
That’s basically what I tried before, though I just string-reversed the
MD5 hash so that I could un-reverse it. I also prefixed “md5” with '-'
so I could tell which passwords were scrambled.
What I found was that a “suspended” user could still log in, though.
I looked for some control to “reload” the passwords from that datastore
but couldn’t find any.
I also did this on pg_authid; would that have made a difference?
-FG
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jerry Sievers | 2015-02-06 22:21:26 | Re: Temporarily suspend a user account? |
| Previous Message | George Weaver | 2015-02-06 22:07:01 | Unknown error while running <> postgresql_installer_dc46cfee2c\getlocales.exe |