Postgres Professional
en

Re: Differences in crypt hash?

От: Tom Lane
Тема: Re: Differences in crypt hash?
Дата: ,
Msg-id: 29263.996944702@sss.pgh.pa.us
(см: обсуждение, исходный текст)
Ответ на: Differences in crypt hash?  (Richard Hodges)
Ответы: Re: Differences in crypt hash?  (Bruce Momjian)
Список: pgsql-docs

Скрыть дерево обсуждения

Differences in crypt hash?  (Richard Hodges, )
 Re: Differences in crypt hash?  (Tom Lane, )
  Re: Differences in crypt hash?  (Bruce Momjian, )
   Re: Differences in crypt hash?  (Richard Hodges, ) 
Richard Hodges <> writes:
> The problem is that my Solaris client does not authenticate against
> my server (7.0.3 built on FreeBSD).

Indeed, one of the nasty things about the 'crypt' authentication method
is that it assumes the crypt() library call acts the same on both client
and server machine.  As you've just discovered, that ain't always so.

There have been plans for some time to supersede our present password
auth methods with something more secure and portable (probably MD5
double hashing at both ends).  I think Vince V. is working on that,
but I've not heard anything about it lately.  You can read all about it
in the pghackers mail archives if you care.

In the meantime, you'll just have to use a different auth method.
Plain "password" would work.  (If you're concerned about someone
sniffing your TCP connection, consider using SSL.)

            regards, tom lane

В списке pgsql-docs по дате сообщения:

Предыдущее:
От: Richard Hodges
Дата:
Сообщение: Re: Differences in crypt hash?
Следующее:
От: Tom Lane
Дата:
Сообщение: Re: [GENERAL] Re: user guide