Çagil Seker <cagils@biznet.com.tr> wrote:
> sorry, but I have another q about that md5 hashing. When I use a
> sniffer on the wire I see md5 hashes of user - probably the password
> hash. But when I compare the password hash with the hash on the wire
> I see they are different. In what format is the md5 hash on the wire
> encoded? I've tried double md5'ing but didn't get the right hash.
>
There seems to be some confusion regarding the md5 authentication method
used in postgresql, and I thought it might be good if I typed this
message so that it can be referred to if anyone asks these questions
again.
Someone will surely correct me if I'm wrong :)
The password in the database is stored like this:
md5passwd = "md5"+md5(cleartxtpasswd+user);
When connecting and authenticating this happens:
The server generates a random salt (nonce) and sends it to the client.
md5salt = 4 random chars
The client then does this:
md5hash = md5(md5(cleartxtpasswd+user)+md5salt)
and sends it to the server.
The server then does the same on its side and compares the result with
the hash gotten from the client. If they match the password is correct.
This is standard MAC / shared secret stuff.
It's done to avoid sending clear text passwords (or even the stored md5
password, to prevent brute force cracking) over the wire.
Regards
Magnus
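The exchange Magnus describes, written out as a runnable Python example. This is added here and is not code from the thread or from PostgreSQL itself. It assumes what libpq actually does beyond the message: the inner digest is hex-encoded before the salt is appended, the salt is 4 raw bytes, and the client's on-wire response carries the same "md5" prefix as the stored value. The user name and password are constructed sample values.

```python
import hashlib
import hmac
import os


def md5_hex(data: bytes) -> str:
    """Lowercase hex MD5 digest, the encoding PostgreSQL uses."""
    return hashlib.md5(data).hexdigest()


def stored_md5_password(user: str, password: str) -> str:
    """Value kept in the catalog: 'md5' + md5(password + user)."""
    return "md5" + md5_hex(password.encode() + user.encode())


def server_issue_salt() -> bytes:
    """Server side: 4 random bytes sent to the client with the auth request."""
    return os.urandom(4)


def client_response(user: str, password: str, salt: bytes) -> str:
    """Client side: md5(md5(password + user) + salt), hex, prefixed 'md5'.

    Assumption (matches libpq): the inner digest is used as its ASCII hex
    string, and the result is sent with the 'md5' prefix.
    """
    inner = md5_hex(password.encode() + user.encode())
    return "md5" + md5_hex(inner.encode() + salt)


def server_verify(stored: str, salt: bytes, response: str) -> bool:
    """Server side: recompute from the stored value and the salt it issued.

    Only the stored value is needed here; the server never sees the
    cleartext password.
    """
    if not stored.startswith("md5") or len(stored) != 35:
        return False
    expected = "md5" + md5_hex(stored[3:].encode() + salt)
    # constant-time compare so verification timing leaks nothing about the digest
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Run one authentication and report what a sniffer would see."""
    user, password = "app", "correct horse"  # constructed sample credentials
    stored = stored_md5_password(user, password)
    salt = server_issue_salt()
    on_wire = client_response(user, password, salt)
    return {
        "stored": stored,
        "on_wire": on_wire,
        # the sniffed value is never the stored hash; it is salted per connection
        "stored_equals_wire": stored == on_wire,
        "accepted": server_verify(stored, salt, on_wire),
        "wrong_password_accepted": server_verify(
            stored, salt, client_response(user, "wrong", salt)
        ),
        # a captured response fails against a fresh salt
        "replay_with_new_salt_accepted": server_verify(
            stored, server_issue_salt(), on_wire
        ),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Running `demo()` shows the two things the original question was about: the value on the wire is a second MD5 over the stored digest plus the per-connection salt, so it never matches the catalog value, and it changes on every connection. Note also that `server_verify` needs only the stored value, which is why that value must be protected as carefully as a password and why PostgreSQL later moved to SCRAM-SHA-256.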