Re: Re: Encrypting pg_shadow passwords

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Jim Mercer <jim(at)reptiles(dot)org>, Lincoln Yeoh <lyeoh(at)pop(dot)jaring(dot)my>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: Re: Encrypting pg_shadow passwords
Date: 2001-06-26 17:28:25
Message-ID: Pine.LNX.4.30.0106261924580.724-100000@peter.localdomain
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Bruce Momjian writes:

> The only reason to add double-crypt is so we can continue to use
> /etc/passwd entries on systems that use crypt() in /etc/passwd.

On the sites that are most likely to utilize that (because they have a lot
of users) it won't work (because they use NIS). There are better ways to
do that (e.g., PAM).

Also, see http://httpd.apache.org/docs/misc/FAQ.html#passwdauth

--
Peter Eisentraut peter_e(at)gmx(dot)net http://funkturm.homeip.net/~peter

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Víctor Romero 2001-06-26 17:41:28 Benchmarking
Previous Message Trond Eivind =?iso-8859-1?q?Glomsr=F8d?= 2001-06-26 16:43:08 Re: Re: Encrypting pg_shadow passwords