| From: | "scott(dot)marlowe" <scott(dot)marlowe(at)ihs(dot)com> |
|---|---|
| To: | Sally Sally <dedeb17(at)hotmail(dot)com> |
| Cc: | <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: db security (md5) |
| Date: | 2004-04-19 20:21:31 |
| Message-ID: | Pine.LNX.4.33.0404191418170.17372-100000@css120.ihs.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Mon, 19 Apr 2004, Sally Sally wrote:
> I wanted to use md5 authentication method for my pg db. I was initially
> using a trust method and I noticed when I switched to md5 I had to assign a
> password to the user postgres as it was created without one. Here do I pass
> an md5 encrypted string? Also everytime I connect via perl's DBI do I have
> to pass it the encrypted string (if so which perl module for md5 encryption
> is the best to use?)
> I was confused as to whether I should create the password encrypted or
> whether postgres saves it encrypted.
> Sally
The md5 stuff should be handled by the database and the connection layer
invisibly to you. i.e. when I use php, if it's set to md5 auth, I just
use a connect string like this:
$connect = pg_connect("host=myserver name=bubba password=secretword");
and I'm in. Same goes for setting the password via psql or whatnot:
alter user test with password 'abc';
select * from pg_shadow;
(SNIP)
test | 103 (SNIP) | md5f7dc2e1937940bb8486274edc88cc3c5
| From | Date | Subject | |
|---|---|---|---|
| Next Message | scott.marlowe | 2004-04-19 20:40:40 | Re: Data Encryption in PostgreSQL, and a Tutorial. |
| Previous Message | scott.marlowe | 2004-04-19 20:17:48 | Re: [SQL] SQL script |