| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | Meirav Rath <meirav(dot)rath(at)imperva(dot)com> |
| Cc: | Tomas Vondra <tomas(dot)vondra(at)2ndquadrant(dot)com>, "pgsql-bugs(at)lists(dot)postgresql(dot)org" <pgsql-bugs(at)lists(dot)postgresql(dot)org>, PG Bug reporting form <noreply(at)postgresql(dot)org> |
| Subject: | BUG #15035: scram-sha-256 blocks all logins |
| Date: | 2018-01-30 04:37:53 |
| Message-ID: | CAKFQuwbthtxsDcf1YqYO4JiC3KeoejeuJsfWk6pFaSpauHAoaA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Monday, January 29, 2018, Meirav Rath <meirav(dot)rath(at)imperva(dot)com> wrote:
> I set up the password hashing method to scram and now no one can login to
> the server and that's not a bug??
>
If we understand the problem correctly, no, it's not a bug: changing the
password type setting after deployment requires some work to change
pre-existing roles. It is not possible for the server to do it for you, the
passwords being encrypted.
I think the short answer is to setup pg_hba.conf so you can get a superuser
login without a password (peer or trust) and then alter the superuser
password and create/alter any users you want with new password in scram
format.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2018-01-30 04:40:53 | Re: BUG #15035: scram-sha-256 blocks all logins |
| Previous Message | Meirav Rath | 2018-01-30 04:12:37 | Re: BUG #15035: scram-sha-256 blocks all logins |