On Thu, 2019-09-19 at 15:23 +0200, Matthias Apitz wrote:
> El día Thursday, September 19, 2019 a las 10:31:01PM +1000, rob stone
> escribió:
>
> >
> > https://www.postgresql.org/docs/11/auth-password.html
> >
> > Chapters 20.5 and 20.6 may give you more information.
>
> The form of the password hash store in the PG server or interchange
> over
> the network is not my question. The question is more: When the Linux
> server starts and with this the (ESQL/C written) application servers
> are
> starting, they need the password to connect and this is not provided
> at
> this moment from some keyboard or humanbeing. It must be stored on
> the
> server and available in clear for the server, but not for other eyes
> on
> the server, i.e. the place of the sorage must be ciphered.
>
> matthias
>
Sorry. More caffeine needed.
If you use pg_service.conf you could write a little program to encrypt
the password and store it in this file in its encrypted form.
Then you application obtains the connection credentials from
pg_service.conf, de-encrypts the password and is then able to form the
connection string to access the required database.
HTH,
Robert