Quick Links

Re: SCRAM auth and Pgpool-II

From:	Chapman Flack <chap(at)anastigmatix(dot)net>
To:	Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp>, sfrost(at)snowman(dot)net
Cc:	michael(dot)paquier(at)gmail(dot)com, robertmhaas(at)gmail(dot)com, pgsql-hackers(at)postgresql(dot)org
Subject:	Re: SCRAM auth and Pgpool-II
Date:	2017-07-14 01:31:36
Message-ID:	59681EF8.6060506@anastigmatix.net
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-hackers

On 07/13/17 20:09, Tatsuo Ishii wrote:

> The comment in pg_hba.conf.sample seem to prefer md5 over clear text
> password.
>
> # Note that "password" sends passwords in clear text; "md5" or
> # "scram-sha-256" are preferred since they send encrypted passwords.

Should that be reworded to eliminate "md5"? I'd consider "scram-sha-256"
suitable over a clear channel, but I've never recommended "md5" for that.

-Chap

In response to

Re: SCRAM auth and Pgpool-II at 2017-07-14 00:09:26 from Tatsuo Ishii

Responses

Re: SCRAM auth and Pgpool-II at 2017-07-14 01:54:38 from Tatsuo Ishii

Browse pgsql-hackers by date

	From	Date	Subject
Next Message	Thomas Munro	2017-07-14 01:46:41	Re: Inadequate infrastructure for NextValueExpr
Previous Message	Claudio Freire	2017-07-14 01:06:52	Re: Fwd: Vacuum: allow usage of more than 1GB of work mem