| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Pavan Kumar <pavan(dot)dba27(at)gmail(dot)com> |
| Cc: | Pgsql-admin <pgsql-admin(at)lists(dot)postgresql(dot)org>, "pgsql-generallists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: scram-sha-256 encrypted password in pgpass |
| Date: | 2020-06-22 22:04:42 |
| Message-ID: | CAKFQuwZHLq1o55-sSaeuF8hU=9nYXN8MNTdL50A7W7Zf_6ZjHQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin pgsql-general |
Please don't cross-post.
On Mon, Jun 22, 2020 at 1:35 PM Pavan Kumar <pavan(dot)dba27(at)gmail(dot)com> wrote:
> scram-sha-256 encrypted passwords are supported in .pgpass file ? If yes
> kindly provide us an example.
>
> I am using below format and it is not working for me
>
> *pglnx1*:*5432*:pgbouncer:*pgadmin*:"SCRAM-SHA-256$4096:6IDsjfedwsdpymp0Za7jaMew==$rzSoYL4ZYsW1WJAj7Lt3JtNLNR73AVY7sfsauikweblk][=:Hxx/juPXJZHy5djPctI=*"*
>
> The documentation doesn't say so one way or the other so I would go with
no. The password in the pgpass file has to be the plaintext password. The
client, upon speaking with the server, will decide whether to send the
plaintext password to the server or encrypt it prior to transmission.
What would be the point of storing the encrypted password instead of the
plaintext one?
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavan Kumar | 2020-06-22 22:32:12 | Re: scram-sha-256 encrypted password in pgpass |
| Previous Message | Adrian Klaver | 2020-06-22 21:56:19 | Re: scram-sha-256 encrypted password in pgpass |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2020-06-22 22:08:37 | Re: Can the current session be notified and refreshed with a new credentials context? |
| Previous Message | Tom Lane | 2020-06-22 22:00:54 | Re: DISTINCT on jsonb fields and Indexes |