Re: You're on SecurityFocus.com for the cleartext passwords.

> OpenSSL is under the BSD license (www.openssl.org).  Its source code can be
> integrated into the PostgreSQL source code so that users need know nothing
> about it.  It would just get used internal to Postgres and the client
> libraries.
> 
> OpenSSL also contains an MD5 routine that can be used on the passwords.
> 
> So far, no one is excited about this so I will not push it anymore.

Seems like that could be a solution, but we are trying not to bloat the
PostgreSQL tarball.  Shipping SSH would certainly do that.

--  Bruce Momjian                        |  http://www.op.net/~candle pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026