Обсуждение: password encryption
We are currently using the pg_passwd utility to encrypt passwords. Someone here told me that I can now encrypt passwords within postgresql so that they are not stored in plain text in the pg_shadow file.
Is this true? I cannot seem to find any mention of it in my postgresql books but it's quite possible that they were all written prior to the release of 7.2.
Thanks
Jodi
_______________________________
Jodi L Kanter
BioInformatics Database Administrator
University of Virginia
(434) 924-2846
jkanter@virginia.edu
Jodi Kanter wrote: > We are currently using the pg_passwd utility to encrypt passwords. > Someone here told me that I can now encrypt passwords within postgresql > so that they are not stored in plain text in the pg_shadow file. > Is this true? I cannot seem to find any mention of it in my postgresql > books but it's quite possible that they were all written prior to the > release of 7.2. See http://www.postgresql.org/idocs/index.php?runtime-config.html , a bit more than half way down: "PASSWORD_ENCRYPTION (boolean) When a password is specified in CREATE USER or ALTER USER without writing either ENCRYPTED or UNENCRYPTED, this flag determines whether the password is to be encrypted. The default is off (do not encrypt the password), but this choice may change in a future release. " You can change this in postgresql.conf. Note that ENCRYPTED is the default as of 7.3. Also see ALTER USER: http://www.postgresql.org/idocs/index.php?sql-alteruser.html And pg_hba.conf: http://www.postgresql.org/idocs/index.php?client-authentication.html#PG-HBA-CONF Look for md5. The basic idea is that ENCRYPTED vs UNENCRYPTED default is controlled by PASSWORD_ENCRYPTION in the postgresql.conf file. ALTER USER can explicitly set a user's password as ENCRYPTED. You need to modify pg_hba.conf to allow "md5" instead of "password" HTH, Joe
Are there the following SQL commands in psotgreSQL? ALTER TABLE CATALOGITEM_LNK ADD CONSTRAINT PK_CATALOGITEM_LNK PRIMARY KEY(catalogid, itemid); ALTER TABLE CATALOGITEM_LNK ADD CONSTRAINT FK_CATALOGITEM_LNK_CATALOG FOREIGN KEY (catalogid) REFERENCES CATALOG(id); ______________________________________________________________________ Post your free ad now! http://personals.yahoo.ca
RTFM. www.postgresql.org -> your favorite mirror -> interactive documentation (http://www.postgresql.org/idocs/) -> SQL Commands (http://www.postgresql.org/idocs/index.php?sql-commands.html) -> ALTER TABLE (http://www.postgresql.org/idocs/index.php?sql-altertable.html) It wasn't that hard. :-) http://www.postgresql.org/idocs/index.php?sql-altertable.html hugs & kisses, Mauricio ----- Original Message ----- From: "Xue-Feng Yang" <just4look@yahoo.com> To: "Postgres Admin List" <pgsql-admin@postgresql.org> Sent: Tuesday, October 15, 2002 10:13 AM Subject: [ADMIN] newbie questions > Are there the following SQL commands in psotgreSQL? > > ALTER TABLE CATALOGITEM_LNK ADD > CONSTRAINT PK_CATALOGITEM_LNK PRIMARY KEY(catalogid, > itemid); > > ALTER TABLE CATALOGITEM_LNK ADD > CONSTRAINT FK_CATALOGITEM_LNK_CATALOG FOREIGN KEY > (catalogid) REFERENCES CATALOG(id); > > > ______________________________________________________________________ > Post your free ad now! http://personals.yahoo.ca > > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org >