Re: scram-sha-256 encrypted password in pgpass
| От | Pavan Kumar |
|---|---|
| Тема | Re: scram-sha-256 encrypted password in pgpass |
| Дата | |
| Msg-id | CA+M0sHE=wMp3Q251AaHcz612D14qY7X3xgGvzuM8npAY_B6FxA@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: scram-sha-256 encrypted password in pgpass ("David G. Johnston" <david.g.johnston@gmail.com>) |
| Ответы |
Re: scram-sha-256 encrypted password in pgpass
(Adrian Klaver <adrian.klaver@aklaver.com>)
Re: scram-sha-256 encrypted password in pgpass (Adrian Klaver <adrian.klaver@aklaver.com>) Re: scram-sha-256 encrypted password in pgpass ("David G. Johnston" <david.g.johnston@gmail.com>) Re: scram-sha-256 encrypted password in pgpass ("David G. Johnston" <david.g.johnston@gmail.com>) Re: scram-sha-256 encrypted password in pgpass (Stephen Frost <sfrost@snowman.net>) Re: scram-sha-256 encrypted password in pgpass (Stephen Frost <sfrost@snowman.net>) Re: scram-sha-256 encrypted password in pgpass (Tim Cross <theophilusx@gmail.com>) |
| Список | pgsql-admin |
Adrian, David,
Thank you so much for the quick response.
What would be the point of storing the encrypted password instead of the plaintext one?
As per our organization security policies, we can 't keep any passwords in plain text format.
I am working on postgres + pgbouncer setup, tested pgbouncer 1.14 where we have support to use encrypted password in userlist,txt file. I am surprised why pgpass is not supporting encrypted passwords.
On Mon, Jun 22, 2020 at 5:04 PM David G. Johnston <david.g.johnston@gmail.com> wrote:
scram-sha-256 encrypted passwords are supported in .pgpass file ? If yes kindly provide us an example.I am using below format and it is not working for mepglnx1:5432:pgbouncer:pgadmin:"SCRAM-SHA-256$4096:6IDsjfedwsdpymp0Za7jaMew==$rzSoYL4ZYsW1WJAj7Lt3JtNLNR73AVY7sfsauikweblk][=:Hxx/juPXJZHy5djPctI="The documentation doesn't say so one way or the other so I would go with no. The password in the pgpass file has to be the plaintext password. The client, upon speaking with the server, will decide whether to send the plaintext password to the server or encrypt it prior to transmission.What would be the point of storing the encrypted password instead of the plaintext one?David J.
Regards,
#! Pavan Kumar
-----------------------------------------------
Sr. Database Administrator..!
NEXT GENERATION PROFESSIONALS, LLC
Cell # 267-799-3182 # pavan.dba27 (Gtalk)
#! Pavan Kumar
-----------------------------------------------
Sr. Database Administrator..!
NEXT GENERATION PROFESSIONALS, LLC
Cell # 267-799-3182 # pavan.dba27 (Gtalk)
India # 9000459083
Take Risks; if you win, you will be very happy. If you lose you will be Wise
В списке pgsql-admin по дате отправления: