Re: Differences in crypt hash?

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Richard Hodges <rh(at)matriplex(dot)com>
Cc: pgsql-docs(at)postgresql(dot)org
Subject: Re: Differences in crypt hash?
Date: 2001-08-04 17:05:02
Message-ID: 29263.996944702@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-docs

Richard Hodges <rh(at)matriplex(dot)com> writes:
> The problem is that my Solaris client does not authenticate against
> my server (7.0.3 built on FreeBSD).

Indeed, one of the nasty things about the 'crypt' authentication method
is that it assumes the crypt() library call acts the same on both client
and server machine. As you've just discovered, that ain't always so.

There have been plans for some time to supersede our present password
auth methods with something more secure and portable (probably MD5
double hashing at both ends). I think Vince V. is working on that,
but I've not heard anything about it lately. You can read all about it
in the pghackers mail archives if you care.

In the meantime, you'll just have to use a different auth method.
Plain "password" would work. (If you're concerned about someone
sniffing your TCP connection, consider using SSL.)

regards, tom lane

In response to

Responses

Browse pgsql-docs by date

  From Date Subject
Next Message Bruce Momjian 2001-08-04 18:28:25 Re: Differences in crypt hash?
Previous Message Richard Hodges 2001-08-04 01:41:27 Differences in crypt hash?