Re: Restart PostgreSQL service with SSL and private key pass phrase

From: Bear Giles <bgiles(at)coyotesong(dot)com>
To: sri bhav <sri_bhav(at)hotmail(dot)com>
Cc: "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Restart PostgreSQL service with SSL and private key pass phrase
Date: 2017-11-20 13:56:06
Message-ID: CALBNtw56RzTu1Pq9yREdqX-tSBmgmgBF7VpYT4rq8F7fffqPBQ@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

​I don't have answers for PostgreSQL specifically but servers usually don't
require passphrases on their keys due to the need for human intervention.​
The alternative is running a key service - a server on a secure site that
provides keys to servers as they come up - but that just moves the problem
back by one step since you still have to have the authentication
information for the key service on your server. An attacker could still
steal that and obtain the key from the key service.

In the Unix/Linux world one approach is to put the key on an NFS server, or
perhaps even a CD-ROM, and have the server startup script mount the drive,
access the key on it, and then unmount the drive. That keeps the key off
backup media(*) and invisible to the average attacker with illicit root
access. A knowledgeable attacker would still know how to find the startup
script and see how the key is retrieved but they're relatively uncommon.
Needless to say the NFS server would be on an internal network and not
visible to the outside world.

I don't know what's done in the Windows world.

(* the backup software should be smart enough to know that the keys
shouldn't be backed up, e.g., by checking the extended attributes, but it's
easy to misconfigure that.)

On Fri, Nov 17, 2017 at 2:19 PM, sri bhav <sri_bhav(at)hotmail(dot)com> wrote:

> Hi,
>
> I currently have PostgreSQL 9.5 installed on a Windows 10 machine. I
> have enabled SSL and configured key & crt files with pass phrase. I know
> that I have to enter the PEM pass phrase everytime I try to restart. So I
> tried using pg_ctl to start Postgres, but I have few issues:
>
> 1. Since I installed Postgres as Windows service, running pg_ctl does
> not start my service. I see postgresql exe instances running in Task
> manager but my windows service never gets updated to Running.
> 2. After running the following command:
>
> pg_ctl -D "c:\Program Files\PostgreSQL\9.5\data" restart -w
>
> I was able to enter the PEM pass phrase since I got a prompt and was able
> to connect. But when my application is trying to establish the connection
> with Postgresql, the application is waiting since there are prompts on the
> command windows where I executed the pg_ctl command to enter the PEM pass
> phrase. I think this makes the application totally unusable.
>
> 1. Per our security requirements, we cannot remove the PEM pass
> phrase, so how do I control the PostgreSQL service – start & restart with
> the pass phrase and without user interaction.
>
>
>
> Please advise on how to achieve what I am doing or share any alternatives
> that someone already has for this situation.
>
>
>
> Thank you
>
>
>
>
>
> Sent from Mail <https://go.microsoft.com/fwlink/?LinkId=550986> for
> Windows 10
>
>
>

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Laurenz Albe 2017-11-20 14:12:56 Re: Restart PostgreSQL service with SSL and private key pass phrase
Previous Message Fabrízio de Royes Mello 2017-11-19 08:31:56 Re: Partitioning & ORM apps