Discussion: pg_hba.conf and secondary password file
Right now, we support a secondary password file reference in pg_hba.conf.

If the file contains only usernames, we assume that it is the list of valid usernames for the connection. If it contains usernames and passwords, like /etc/passwd, we assume these are the passwords to be used for the connection. Such connections must pass the unencrypted passwords over the wire so they can be matched against the file; 'password' encryption in pg_hba.conf.

Is it worth keeping this password capability in 7.3? It requires 'password' in pg_hba.conf, which is not secure, and I am not sure how many OS's still use crypt in /etc/passwd anyway. Removing the feature would clear up pg_hba.conf options a little.

The ability to specify usernames in pg_hba.conf or in a secondary file is being added to pg_hba.conf anyway, so it is really only the password part that we have to decide to keep or remove.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026
Could you have multiple such references?

For example:
one entry/file with the postgres user only listed in it, which enables trust for the postgres user without password challenge;
a second entry/file with local users who are allowed with password.

Final goal for us listed in next post.

Dave

>-----Original Message-----
>From: pgsql-general-owner@postgresql.org [mailto:pgsql-general-owner@postgresql.org] On Behalf Of Bruce Momjian
>Sent: Friday, March 15, 2002 7:53 PM
>To: PostgreSQL-general
>Subject: [GENERAL] pg_hba.conf and secondary password file
I don't quite understand the question, but you can have multiple usernames listed or in the file, and you can have multiple lines in pg_hba.conf.

---------------------------------------------------------------------------

Dave wrote:
> Could you have multiple such references?
>
> for example,
> one entry/file with the postgres user only listed in it which enables trust for
> the postgres user without password challenge
> second entry/file with local users who are allowed with password
>
> Final goal for us listed in next post.
>
> Dave

--
  Bruce Momjian                        |  http://candle.pha.pa.us
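The layout Dave asks for, written out as an added example of the 7.3-style pg_hba.conf syntax (this is illustration, not a file from the thread or from the PostgreSQL distribution). The file name localusers, the data directory path and the single client host are assumptions chosen for the example; the USER column and the @file include are the 7.3 additions Bruce refers to, and md5 is used in place of the 'password' method he calls insecure.

```conf
# pg_hba.conf  (added example, 7.3-style syntax; paths and names are assumed)
#
# TYPE  DATABASE  USER         IP-ADDRESS   IP-MASK          METHOD

# Entry 1: the postgres superuser only, no password challenge. Restricted to
# the Unix-domain socket so it never applies to a TCP client.
local   all       postgres                                   trust

# Entry 2: everyone named in $PGDATA/localusers (one name per line, or names
# separated by commas or whitespace) must authenticate. md5 sends a salted
# hash instead of the cleartext that the old 'password <file>' form required.
local   all       @localusers                                md5
host    all       @localusers  127.0.0.1    255.255.255.255  md5

# Catch-all: anything not matched above is refused. pg_hba.conf is scanned
# top to bottom and the first matching line wins, so order matters.
local   all       all                                        reject
host    all       all          0.0.0.0      0.0.0.0          reject

# For comparison, the 7.2-style line under discussion in the thread. The
# optional file argument after 'password' holds username[:crypt-password]
# entries, and the client must send the cleartext password so the server can
# run crypt(3) against it:
#
# local   all       password   localpasswd
```

Two practical caveats. First, trust on the local socket means any OS account that can open the socket becomes the database superuser; where the OS supports peer-credential lookup, `local all postgres ident sameuser` gives the same no-password login for the postgres account without extending it to other local users. Second, keep the secondary file readable only by the account that runs the postmaster; with the 7.3 form it contains no secrets, but with the 7.2 `password <file>` form it is a crypt-hashed password list and should be treated like /etc/shadow, not /etc/passwd.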