Re: MD5 authentication needs help

From: Stephen Frost <sfrost(at)snowman(dot)net>
To: Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Bruce Momjian <bruce(at)momjian(dot)us>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: MD5 authentication needs help
Date: 2015-03-06 13:02:06
Message-ID: 20150306130206.GM29780@tamriel.snowman.net

* Albe Laurenz (laurenz(dot)albe(at)wien(dot)gv(dot)at) wrote:
> Stephen Frost wrote:
> > Yes, it certainly was. I think Bruce was thinking that we could simply
> > hash what goes on to disk with an additional salt that's stored, but
> > that wouldn't actually work without requiring a change to the wireline
> > protocol, which is the basis of this entire line of discussion, in my
> > view.
>
> This article
> https://hashcat.net/misc/postgres-pth/postgres-pth.pdf
> has some ideas about how to improve the situation.

This falls into the same category as some other proposed changes- it
requires wireline protocol changes, which means it really isn't
interesting to consider.

While I'm not surprised, it's certainly unfortunate that none of these
articles bother to point out what would be really useful to PG users-
how they can decide which risks they want to accept by choosing the
authentication method. Using 'password', while it isn't great because
of the poor salt used (username), it isn't vulnerable to the 'PTH'
attack, and better authentication methods are available (certificates,
Kerberos, PAM, etc). Admittedly, the default is md5 for most
distributions, but that's because the better auth methods require
depending on external systems and distribution installers can't know if
those systems have been set up or not.

Thanks,

Stephen
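The contrast Stephen draws between the 'md5' and 'password' methods, as an added example that is not code from this thread or from PostgreSQL: a Python re-implementation of the documented md5 scheme (stored value md5(password || username), wire response md5(digest || 4-byte salt)), showing that the server's 'md5' check can be satisfied from the stored digest alone while the 'password' check needs the cleartext. The username, password and salt are constructed sample values.

```python
import hashlib
import os

def stored_md5(password: str, username: str) -> str:
    """On-disk form in pg_authid: 'md5' + md5(password || username).
    The username is the only salt, the weakness the message points out."""
    return "md5" + hashlib.md5((password + username).encode()).hexdigest()

def md5_wire_response(stored: str, salt: bytes) -> str:
    """Client reply to AuthenticationMD5Password:
    'md5' + md5(hexdigest-without-prefix || salt).
    Its only secret input is the stored digest, not the cleartext."""
    assert len(salt) == 4 and stored.startswith("md5")
    return "md5" + hashlib.md5(stored[3:].encode() + salt).hexdigest()

def md5_auth_ok(stored: str, salt: bytes, response: str) -> bool:
    """Server-side check for the 'md5' method; it never sees the cleartext."""
    return md5_wire_response(stored, salt) == response

def password_auth_ok(stored: str, username: str, cleartext: str) -> bool:
    """Server-side check for the 'password' method: the client sends the
    cleartext, so presenting a copy of the stored digest does not verify."""
    return stored_md5(cleartext, username) == stored

def demo(username: str = "alice", password: str = "correct horse") -> dict:
    # Constructed role: what pg_authid would hold for this user.
    stored = stored_md5(password, username)
    salt = os.urandom(4)  # per-connection salt chosen by the server
    # A real client derives the digest from the cleartext and then salts it;
    # the same response is reachable from `stored` alone, which is why the
    # stored digests must be protected like the passwords themselves.
    client_reply = md5_wire_response(stored_md5(password, username), salt)
    return {
        "md5_verifies_from_stored_digest": md5_auth_ok(stored, salt, client_reply),
        "password_accepts_cleartext": password_auth_ok(stored, username, password),
        "password_accepts_stored_digest": password_auth_ok(stored, username, stored),
    }
```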
