| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Michael Banck <mbanck(at)gmx(dot)net> |
| Cc: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: [Patch] Mention md5 is deprecated in postgresql.conf.sample |
| Date: | 2025-11-14 11:53:41 |
| Message-ID: | E6E0577D-7143-46AE-8A47-90762BDE0CC2@yesql.se |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 14 Nov 2025, at 11:47, Michael Banck <mbanck(at)gmx(dot)net> wrote:
> while looking through postgresql.conf on PG18, I noticed that
> password_encryption mentions md5 as valid alternative to scram-sha-256.
> I think it would be useful to mention md5 is deprecated so that people
> looking at it (but have otherwise not gotten the memo) will realize and
> hopefully act on it.
No objection. I suspect the overlap between users who don't read release notes
and users who read .conf.sample comments closely is pretty small, but it
certainly won't hurt.
-#password_encryption = scram-sha-256 # scram-sha-256 or md5
+#password_encryption = scram-sha-256 # scram-sha-256 or (deprecated) md5
#scram_iterations = 4096
#md5_password_warnings = on
Maybe this should be combined with a comment on md5_password_warnings as well?
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2025-11-14 12:11:15 | Re: BUG #19095: Test if function exit() is used fail when linked static |
| Previous Message | Ashutosh Bapat | 2025-11-14 11:53:21 | Re: Changing shared_buffers without restart |