| From: | Peter Eisentraut <peter_e(at)gmx(dot)net> |
|---|---|
| To: | John Scalia <jayknowsunix(at)gmail(dot)com>, "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: Security with V9.3.3 standby servers |
| Date: | 2015-02-27 19:02:45 |
| Message-ID: | 54F0BF55.6020002@gmx.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On 2/26/15 11:15 AM, John Scalia wrote:
> An edict has been handed down here from on high that no script shall
> ever contain any password in cleartext for any reason. Well this is
> problem with a streaming replication standby server's recovery.conf file
> as the line primary_conninfo = contains said replication user's password
> for that connection. Is there any sort of plan to allow this to be md5
> or some such encoded? Or what else could I do in this case?
You can put the password in the a .pgpass file. Not sure if that counts
as a "script".
Or you can do away with passwords and authenticate using SSL client
certificates.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Josef Springer | 2015-03-01 12:08:39 | Re: Installing PostgreSQL fails |
| Previous Message | Lou Picciano | 2015-02-27 16:12:31 | Re: Installing PostgreSQL fails |