Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords

pgman wrote:
> Stephen Frost wrote:
> -- Start of PGP signed section.
> > * Andrew Dunstan (andrew(at)dunslane(dot)net) wrote:
> > > The docs say: "only md5 supports encrypted passwords stored in
> > > pg_shadow; the other two require unencrypted passwords to be stored
> > > there." So either your assertion that 'password' auth does not imply
> > > plaintext password storage is wrong, or the docs are.
> >
> > The docs are wrong. Sorry, I knew that and forgot to mention it
> > explicitly previously. Using 'password' in pg_hba.conf while using
> > 'with encrypted password'/md5 in pg_shadow works just fine.
> >
> > Just tested here to make 100% sure, under 8.0.1.
>
> I see the documentation is slightly confusing. I have applied this
> patch to HEAD and 8.0.X to clarify it.

With the documentation text clarified, this patch fixes the actual
documentation problem that both 'password' and 'md5' supporte encrypted
pg_shadow passwords, while only crypt does not. Applied to 8.0.X and
HEAD.

--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073