| From: | Laurenz Albe <laurenz(dot)albe(at)cybertec(dot)at> |
|---|---|
| To: | Nikhil Shetty <nikhil(dot)dba04(at)gmail(dot)com>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Upgrading password encryption from md5 to scram-sh-256 |
| Date: | 2021-05-28 14:29:10 |
| Message-ID: | 7fa8483c9d3d1fdc12c3b6aba1eb637ce366b370.camel@cybertec.at |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Fri, 2021-05-28 at 18:57 +0530, Nikhil Shetty wrote:
> As per documentation, for upgrading password encryption from md5 to scram-sha-256,
> we have to set password_encryption to scram-sha-256, reset the user password and
> then change in pg_hba.conf.
>
> Is there any other way to do this without changing the password? if there are a lot
> of login users in the database it becomes difficult and it may incur downtime as well.
>
> I see there is a way the users can do it by themselves but still will incur some downtime.
There is no other way than for the users to set the password again, because PostgreSQL
doesn't know the original password.
You can leave the "pg_hba.conf" entry set to "md5", then users can login with
scram-sha-256 passwords as well as with md5 passwords. That can make the transition
painless.
Yours,
Laurenz Albe
--
Cybertec | https://www.cybertec-postgresql.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Holger Jakobs | 2021-05-28 14:41:21 | Re: Upgrading password encryption from md5 to scram-sh-256 |
| Previous Message | Nikhil Shetty | 2021-05-28 13:27:43 | Upgrading password encryption from md5 to scram-sh-256 |