Обсуждение: passwd / pg_hba.conf

#   password:   Authentication is done by matching a password supplied
#               in clear by the host. If no AUTH_ARGUMENT is used, the
#               password is compared with the user's entry in the
#               pg_shadow table.

It seems to me that this doesn't work for encrypted passwords stored in
pg_shadow? The crypt: entry specifically mentions not storing encrypted
passwords.. Just checking here, as it's a windoze box connecting with ODBC
that has the problem, all the unix boxen are happy with md5 and encrypted
passwords, so there could be many other causes for it to be unhappy..

Cheers,

Patrick

Patrick Welche <prlw1@newn.cam.ac.uk> writes:
> #   password:   Authentication is done by matching a password supplied
> #               in clear by the host. If no AUTH_ARGUMENT is used, the
> #               password is compared with the user's entry in the
> #               pg_shadow table.

> It seems to me that this doesn't work for encrypted passwords stored in
> pg_shadow?

You mean MD5 passwords?  It should work; leastwise I don't see why the
client side would make a difference.  Please be more specific about your
setup.

            regards, tom lane

Patrick Welche wrote:
> #   password:   Authentication is done by matching a password supplied
> #               in clear by the host. If no AUTH_ARGUMENT is used, the
> #               password is compared with the user's entry in the
> #               pg_shadow table.
>
> It seems to me that this doesn't work for encrypted passwords stored in
> pg_shadow? The crypt: entry specifically mentions not storing encrypted
> passwords.. Just checking here, as it's a windoze box connecting with ODBC
> that has the problem, all the unix boxen are happy with md5 and encrypted
> passwords, so there could be many other causes for it to be unhappy..

Only newer 7.2 ODBC drivers have code to handle MD5 passwords, and ODBC
never handled crypt passwords, so this may be your problem.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

On Sat, Mar 02, 2002 at 12:40:54PM -0500, Bruce Momjian wrote:
> Patrick Welche wrote:
> > #   password:   Authentication is done by matching a password supplied
> > #               in clear by the host. If no AUTH_ARGUMENT is used, the
> > #               password is compared with the user's entry in the
> > #               pg_shadow table.
> >
> > It seems to me that this doesn't work for encrypted passwords stored in
> > pg_shadow? The crypt: entry specifically mentions not storing encrypted
> > passwords.. Just checking here, as it's a windoze box connecting with ODBC
> > that has the problem, all the unix boxen are happy with md5 and encrypted
> > passwords, so there could be many other causes for it to be unhappy..
>
> Only newer 7.2 ODBC drivers have code to handle MD5 passwords, and ODBC
> never handled crypt passwords, so this may be your problem.

That't it - upgrading from odbc 7.01.0007 to 7.01.0009 got the windoze
clients happily using md5 too.

Thanks,

Patrick