From: | luis(dot)sa(at)htip(dot)com(dot)br |
---|---|
To: | <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: Security with V9.3.3 standby servers |
Date: | 2015-02-26 18:14:47 |
Message-ID: | c3c0fdae84022aab03028edbfb111af7@htip.com.br |
Lists: | pgsql-admin |
On Thu, 26 Feb 2015 13:05:52 -0500, John Scalia wrote:
> On 2/26/2015 12:56 PM, luis(dot)sa(at)htip(dot)com(dot)br wrote:
>> On Thu, 26 Feb 2015 11:15:51 -0500, John Scalia wrote:
>>> Hi all,
>>>
>>> An edict has been handed down here from on high that no script shall
>>> ever contain any password in cleartext for any reason. Well, this is a
>>> problem with a streaming replication standby server's recovery.conf
>>> file as the line primary_conninfo = contains said replication user's
>>> password for that connection. Is there any sort of plan to allow this
>>> to be md5 or some such encoded? Or what else could I do in this case?
>>>
>>> Thx,
>>> Jay
>>
>> Yes. Use ssh key to create a fingerprint.
>>
>> Ex. "ssh-keygen" command to generate a fingerprint. And "ssh-copy-id
>> postgres(at)slave" and "ssh-copy-id user(at)master" to copy the key to allow
>> both machines to communicate over ssh.
>>
> All systems already have ssh keys shared between them as it's used by
> scp to transmit the WAL archive to both standby servers. How would I
> indicate in the recovery.conf that the embedded password in the line
> primary_conninfo is encrypted? That line only has "user=<the user>
> password=<the password>". I was thinking that the "password=" could
> have something like "md5:<the password>" in it. Or you could just
> specify whichever encryption protocol that was used followed by the
> colon.

Sorry, wrong answer. The password is for the role user on postgres and not
ssh.
Well, I don't know... but the security may be guaranteed for Linux in
permissions (chmod and chown).
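
The file-permission approach mentioned in the message above, as an added example that is not part of the original thread: a shell check that flags a recovery.conf whose primary_conninfo embeds password= while the file is accessible to group or others, or is owned by an unexpected account. The function name, the default owner "postgres" and the sample values in the comments are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Audits a standby's recovery.conf:
# if primary_conninfo embeds password=, the file must be accessible to its
# owner only and owned by the expected account ("postgres" is an assumption).
# Returns 0 = ok, 1 = finding, 2 = file missing.
check_recovery_conf() {
    conf=$1
    want_owner=${2:-postgres}

    [ -f "$conf" ] || { echo "MISSING: $conf"; return 2; }

    # Only an active (uncommented) primary_conninfo line counts.
    if ! grep -Eq '^[[:space:]]*primary_conninfo[[:space:]]*=.*password[[:space:]]*=' "$conf"; then
        echo "OK: no password in primary_conninfo"
        return 0
    fi

    # ls -ld prints e.g. "-rw------- 1 postgres postgres ...": field 1 is
    # the mode string, field 3 the owner. Characters 5-10 of the mode are
    # the group and other permission bits.
    mode=$(ls -ld -- "$conf" | awk '{print $1}')
    owner=$(ls -ld -- "$conf" | awk '{print $3}')
    group_other=$(printf '%s' "$mode" | cut -c5-10)

    rc=0
    if [ "$group_other" != "------" ]; then
        echo "FINDING: $conf is $mode; restrict with: chmod 600 $conf"
        rc=1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "FINDING: $conf is owned by $owner; fix with: chown $want_owner $conf"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: password present, file limited to $owner"
    return "$rc"
}

# Constructed sample line for a dry run (placeholder host, role, password):
#   primary_conninfo = 'host=primary.example user=replicator password=CONSTRUCTED'
if [ "$#" -gt 0 ]; then
    check_recovery_conf "$@"
fi
```

Run it as `sh check.sh /path/to/recovery.conf postgres`; a non-zero exit status makes it usable from a cron job or configuration-management check.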