Re: Password Encryption and Connection Issues
| От | Greg Sabino Mullane |
|---|---|
| Тема | Re: Password Encryption and Connection Issues |
| Дата | |
| Msg-id | CAKAnmmLfYwA+A6_A7fHbFOpYLmzs-7wjpFfR32b7c3qJOTxscg@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: Password Encryption and Connection Issues (Greg Sabino Mullane <htamfids@gmail.com>) |
| Список | pgsql-general |
Best solution: Upgrade everyone to scram, then change md5 to scram in pg_hba.conf and never look back.
To expand more on the "upgrade everyone to scram", that means force all users to set a new password while using scram (which should be the default). You can do it yourself by getting a list of users and changing their passwords inside psql:
-- List all users still stuck in md5-land:
greg=# select rolname from pg_authid where rolpassword ~ '^md5'
alice
eve
mallory
(3 rows)
-- Just in case, force use of scram
greg=# set password_encryption = 'scram-sha-256';
SET
-- Reset each user's password to some strong password of your choice:
greg=# \password alice
Enter new password for user "alice":
Enter it again:
Enter it again:
-- Repeat the above until this query returns no rows:
select rolname from pg_authid where rolpassword ~ '^md5'
Cheers,
Greg
В списке pgsql-general по дате отправления: