Skip site navigation (1) Skip section navigation (2)

Re: ODBC and crypted passwords

From: Patrick Welche <prlw1(at)newn(dot)cam(dot)ac(dot)uk>
To: Peter Mount <petermount(at)it(dot)maidstone(dot)gov(dot)uk>
Cc: "'Hannu Krosing'" <hannu(at)tm(dot)ee>, "'Henk van Lingen'" <henkvl(at)cs(dot)uu(dot)nl>, pgsql-interfaces(at)postgresql(dot)org
Subject: Re: ODBC and crypted passwords
Date: 2000-04-12 13:22:58
Message-ID: 20000412142258.D6111@quartz.newn.cam.ac.uk (view raw or flat)
Thread:
Lists: pgsql-interfaces
cf http://asg.web.cmu.edu/sasl/    ?

On Wed, Apr 12, 2000 at 11:59:19AM +0100, Peter Mount wrote:
> Thats why I said its for the future :-)
> 
> I always use crypt if it's going outside the server, so some form of
> encrypted transport is required. Anyhow, the main reason I mentioned
> PAM, is that not every platform would have a password file (NT for
> example, although you can configure one in cygwin).
> 
> Peter
> 
> -- 
> Peter Mount
> Enterprise Support
> Maidstone Borough Council
> Any views stated are my own, and not those of Maidstone Borough Council.
> 
> 
> 
> -----Original Message-----
> From: Hannu Krosing [mailto:hannu(at)tm(dot)ee]
> Sent: Wednesday, April 12, 2000 10:47 AM
> To: Peter Mount
> Cc: 'Henk van Lingen'; pgsql-interfaces(at)postgresql(dot)org
> Subject: Re: [INTERFACES] ODBC and crypted passwords
> 
> 
> Peter Mount wrote:
> > 
> > One thing that may be useful, is not to check against the unix
> password
> > file, but to use PAM. That way, you could even authenticate against
> the
> > dreadded NT accounts, unix password file, dbm file etc...
> > 
> > Anyhow, this is something to think about for the future ;-)
> 
> IMHO this defeats the purpose of crypt - not to send plaintext passwords
> 
> over the net.
> 
> OTOH, it could be done over a secure (SSL/TLS) channel of course.
> 
> -----------
> Hannu

In response to

pgsql-interfaces by date

Next:From: Dave PageDate: 2000-04-12 15:11:04
Subject: Problem with psql.exe on Win2K (7.0 BETA 5)
Previous:From: Peter MountDate: 2000-04-12 10:59:19
Subject: RE: ODBC and crypted passwords

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group