Gregory Seidman <gss+pg@cs.brown.edu> writes:
> Incidentally, how do I make an md5 password? I assume the authentication
> method in pg_hba.conf has to be set to md5, but how do I encrypt the
> password to put in the passwd field in pg_shadow?
The system does it for you, if you specify ENCRYPTED in the CREATE or
ALTER USER command that sets the password. There is also a
postgresql.conf option that makes ENCRYPTED the default behavior of
these commands --- which we did not turn on for 7.3, but it will be on
by default for 7.4, IIRC.
As of current sources, an MD5-stored password can be used with either
password or md5 auth protocol --- but AFAICS the only reason you'd want
to use password (cleartext) protocol would be backwards compatibility
with ancient client libraries. (Due to an oversight, 7.3 release
required you to use md5 protocol with an md5 password; this is fixed for
7.3.2, but I don't recall whether it got into 7.3.1 or not.)
regards, tom lane