MD5 password issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi everybody,

we are trying to understand an issue concerning the md5 password encryption. The situation
is as follows.

In pg_hba.conf we have:

# TYPE DATABASE USER CIDR-ADDRESS METHOD

# "local" is for Unix domain socket connections only
local all all ident sameuser

# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 192.168.97.0/24 md5

in pg_authid we get:

postgres=# SELECT rolname,rolpassword from pg_authid;
rolname | rolpassword
- -----------+-------------------------------------
postgres |
pgadmin | plaintext
odie | md5passswwwwooooorrrd

The user odie was created with:
CREATE ROLE odie LOGIN ENCRYPTED PASSWORD 'feedme';

The user pgadmin was created with:
$ createuser -a -d -P -N -U postgres pgadmin

The -N parameter forces not to encrypt the password - what we can see as a result in
pg_authid (if this makes sense or not is another question ;-) ).

Now the question: why is the user pgadmin able to connect to the database using pgAdmin
III from 192.168.97.30? That sould not be possible ... or am I wrong?

Thanks for any advice

Cheers

Andy

- --
St.Pauli - Hamburg - Germany

Andreas Wenk

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJb0YnVa7znmSP9AwRAs8kAKDg4UQfyLUgqHPWkSVOq48LX0ZimgCfU4dv
rn3adosn4wPJ1wwRDmXFLF4=
=df3W
-----END PGP SIGNATURE-----