Re: MD5 password storage - should be the same everywhere?

From: Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
To: Francisco Reyes <lists(at)natserv(dot)net>, pgsql-general(at)postgresql(dot)org
Subject: Re: MD5 password storage - should be the same everywhere?
Date: 2015-05-25 23:58:42
Message-ID: 5563B732.2060000@aklaver.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On 05/25/2015 01:41 PM, Francisco Reyes wrote:
> Should the same password, stored in MD5, be the same across different DBs?
>
> If I did either:
> create user SomeUser encrypted password 'SomePassword';
> alter user SomeUser encrypted password 'SomePassword';
>
> On multiple machines, should the MD5 be the same?
> using
> select rolname, rolpassword,rolcanlogin from pg_catalog.pg_authid where
> rolname = 'SomeUser';
>
> Should the MD5 be the same?

I understood that is just a md5 hash of the password and the username
with the string md5 pre-appended, so it should be the same.

>
> I see one machine where a user has a different md5 but the password is
> the same as several other machines. In other words the MD5 is different,
> but the password is the same. Is that expected?
>
> In other words say I have machine1... machine5 and I have user with
> password 'SomePassword' in 4 of the machines the MD5 is the same, but in
> (say for example) machine 2 the MD5 is different. Yet I can login to the
> user in that machine with 'SomePassword' as password.
>
> Restoring from this "machine2" to another machine and none of the
> passwords worked.

That is not good.

>
> Any pointers/ideas of what is going on?

Not without some more information.

1) What Postgres version(s)?

2) Are all the machines the same as regards OS, architecture, and
Postgres version? Otherwise what are the specifications for the machines?

3) Has there been a crash or some other problem with 'machine 2' lately?

4) How did the data get into the various machines? Dump/restore,
pg_upgrade, replication, or some other method?

5) Are the Postgres instances standalone or are they tied together by
some replication method?

6) What are the pg_hba.conf settings on 'machine 2'?

7) Anything else you might think is relevant, in particular any log
information.

>
>

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Yves Dorfsman 2015-05-26 03:41:34 Re: MD5 password storage - should be the same everywhere?
Previous Message Francisco Reyes 2015-05-25 20:41:15 MD5 password storage - should be the same everywhere?