Re: Password Encryption and Connection Issues
| От | Greg Sabino Mullane |
|---|---|
| Тема | Re: Password Encryption and Connection Issues |
| Дата | |
| Msg-id | CAKAnmmK9hQE-Cs2rVx_7brmubA1qCyNPmnOf=eA2HuxPwMy9=A@mail.gmail.com обсуждение исходный текст |
| Ответ на | Password Encryption and Connection Issues (Alpaslan AKDAĞ <alpaslanakdag@gmail.com>) |
| Ответы |
Re: Password Encryption and Connection Issues
Re: Password Encryption and Connection Issues |
| Список | pgsql-general |
On Wed, Jul 9, 2025 at 9:57 AM Alpaslan AKDAĞ <alpaslanakdag@gmail.com> wrote:
Is it expected behavior that users created withscram-sha-256passwords can still connect viamd5inpg_hba.conf?
Yes. From the docs:
To ease transition from themd5method to the newer SCRAM method, ifmd5is specified as a method inpg_hba.confbut the user's password on the server is encrypted for SCRAM (see below), then SCRAM-based authentication will automatically be chosen instead.
You can think of "md5" inside pg_hba.conf as "md5 or better"
As a result, some users are able to connect, while others cannot.
Can you expand on this? Nothing you have done should be preventing logins, as far as I can tell.
Best solution: Upgrade everyone to scram, then change md5 to scram in pg_hba.conf and never look back.
Cheers,
Greg
--
Crunchy Data - https://www.crunchydata.com
Enterprise Postgres Software Products & Tech Support
В списке pgsql-general по дате отправления: