| From: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
|---|---|
| To: | Azimuddin Mohammed <azimeiu(at)gmail(dot)com>, pgsql-admin <pgsql-admin(at)postgresql(dot)org>, Postgres General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Password encryption |
| Date: | 2018-04-16 00:37:33 |
| Message-ID: | 7dee6678-0114-782b-6c6e-5fa8ad08dd05@aklaver.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin pgsql-general |
On 04/15/2018 05:22 PM, Azimuddin Mohammed wrote:
> Hello,
> Is there a way I can encrypt the default password column of db user
> password. I know by default the password is encrypted as md5, can we
> encrypt that of shadow column for password?
Are you talking about this view?:
https://www.postgresql.org/docs/10/static/view-pg-shadow.html
If so that is only readable by superusers:
production=# \c - aklaver
You are now connected to database "production" as user "aklaver".
production=> select * from pg_shadow ;
ERROR: permission denied for relation pg_shadow
production=> \c - postgres
You are now connected to database "production" as user "postgres".
production=# select * from pg_shadow ;
usename | usesysid | usecreatedb | usesuper | userepl |
usebypassrls | passwd | valuntil | useconfig
...
Assuming someone is in your database as a superuser, access to the
password field in pg_shadow is pretty much moot.
>
> Thanks in advance
--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron | 2018-04-16 01:16:04 | Re: Password encryption |
| Previous Message | Azimuddin Mohammed | 2018-04-16 00:22:48 | Password encryption |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron | 2018-04-16 01:16:04 | Re: Password encryption |
| Previous Message | Azimuddin Mohammed | 2018-04-16 00:22:48 | Password encryption |