| From: | luis(dot)sa(at)htip(dot)com(dot)br |
|---|---|
| To: | <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: Security with V9.3.3 standby servers |
| Date: | 2015-02-26 17:58:21 |
| Message-ID: | f33c0befa4af7ab4a07a647c3796378e@htip.com.br |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
On Thu, 26 Feb 2015 11:15:51 -0500, John Scalia wrote:
> Hi all,
>
> An edict has been handed down here from on high that no script shall
> ever contain any password in cleartext for any reason. Well this is
> problem with a streaming replication standby server's recovery.conf
> file as the line primary_conninfo = contains said replication user's
> password for that connection. Is there any sort of plan to allow this
> to be md5 or some such encoded? Or what else could I do in this case?
>
> Thx,
> Jay
Yes. Use ssh key to create a fingerprint.
Ex. "ssh-keygen" command to generate a fingerprint. And "ssh-copy-id
postgres(at)slave" and "ssh-copy-id user(at)master" to copy the key to alow
both machines communicated over ssh.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | luis.sa | 2015-02-26 18:14:47 | Re: Security with V9.3.3 standby servers |
| Previous Message | John Scalia | 2015-02-26 16:15:51 | Security with V9.3.3 standby servers |