Re: Automatic upgrade of passwords from md5 to scram-sha256

From: Ron Johnson <ronljohnsonjr(at)gmail(dot)com>
To: pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject: Re: Automatic upgrade of passwords from md5 to scram-sha256
Date: 2025-01-13 17:19:06
Message-ID: CANzqJaDxwg_zS3LKZPq1Yj_sJV-T_qWT=mCF-ptEOcDHUJ+nzQ@mail.gmail.com
Lists: pgsql-general

On Sun, Jan 12, 2025 at 5:59 PM Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
[snip]

> I think this idea is a nonstarter, TLS or not. We're generally moving
> in the direction of never letting the server see cleartext passwords.
> It's already possible to configure libpq to refuse such requests
> (see require_auth parameter), although that hasn't been made the
> default.
>

ALTER ROLE xxx WITH PASSWORD accepts hashed values, so a client with the
SCRAM-SHA algorithm could:
1. remember the password that was just used to log in,
2. generate the new hash,
3. send that as an ALTER ROLE statement.

Anything which shows up in the logs would be no different than when someone
types ALTER ROLE ... WITH PASSWORD from the psql prompt.

--
Death to <Redacted>, and butter sauce.
Don't boil me, I'm still alive.
<Redacted> lobster!
