Skip site navigation (1) Skip section navigation (2)

Re: Differences in crypt hash?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Richard Hodges <rh(at)matriplex(dot)com>
Cc: pgsql-docs(at)postgresql(dot)org
Subject: Re: Differences in crypt hash?
Date: 2001-08-04 17:05:02
Message-ID: 29263.996944702@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-docs
Richard Hodges <rh(at)matriplex(dot)com> writes:
> The problem is that my Solaris client does not authenticate against
> my server (7.0.3 built on FreeBSD).

Indeed, one of the nasty things about the 'crypt' authentication method
is that it assumes the crypt() library call acts the same on both client
and server machine.  As you've just discovered, that ain't always so.

There have been plans for some time to supersede our present password
auth methods with something more secure and portable (probably MD5
double hashing at both ends).  I think Vince V. is working on that,
but I've not heard anything about it lately.  You can read all about it
in the pghackers mail archives if you care.

In the meantime, you'll just have to use a different auth method.
Plain "password" would work.  (If you're concerned about someone
sniffing your TCP connection, consider using SSL.)

			regards, tom lane

In response to

Responses

pgsql-docs by date

Next:From: Bruce MomjianDate: 2001-08-04 18:28:25
Subject: Re: Differences in crypt hash?
Previous:From: Richard HodgesDate: 2001-08-04 01:41:27
Subject: Differences in crypt hash?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group