473,396 Members | 1,724 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > postgresql database > questions > db security (md5)

Join Bytes to post your question to a community of 473,396 software developers and data experts.

db security (md5)

I wanted to use md5 authentication method for my pg db. I was initially
using a trust method and I noticed when I switched to md5 I had to assign a
password to the user postgres as it was created without one. Here do I pass
an md5 encrypted string? Also everytime I connect via perl's DBI do I have
to pass it the encrypted string (if so which perl module for md5 encryption
is the best to use?)
I was confused as to whether I should create the password encrypted or
whether postgres saves it encrypted.
Sally

__________________________________________________ _______________
FREE pop-up blocking with the new MSN Toolbar – get it now!
http://toolbar.msn.com/go/onm00200415ave/direct/01/
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 23 '05 #1
2 2192
On Mon, 19 Apr 2004, Sally Sally wrote:
I wanted to use md5 authentication method for my pg db. I was initially
using a trust method and I noticed when I switched to md5 I had to assign a
password to the user postgres as it was created without one. Here do I pass
an md5 encrypted string? Also everytime I connect via perl's DBI do I have
to pass it the encrypted string (if so which perl module for md5 encryption
is the best to use?)
I was confused as to whether I should create the password encrypted or
whether postgres saves it encrypted.
Sally


The md5 stuff should be handled by the database and the connection layer
invisibly to you. i.e. when I use php, if it's set to md5 auth, I just
use a connect string like this:

$connect = pg_connect("host=myserver name=bubba password=secretword");

and I'm in. Same goes for setting the password via psql or whatnot:

alter user test with password 'abc';
select * from pg_shadow;
(SNIP)
test | 103 (SNIP) | md5f7dc2e1937940bb8486274edc88cc3c5
---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 23 '05 #2
"Sally Sally" <de*****@hotmail.com> wrote:

I wanted to use md5 authentication method for my pg db. I was initially
using a trust method and I noticed when I switched to md5 I had to assign a
password to the user postgres as it was created without one. Here do I pass
an md5 encrypted string?
No. md5 just refers to the way it's stored in pgsql.
Also everytime I connect via perl's DBI do I have
to pass it the encrypted string (if so which perl module for md5 encryption
is the best to use?)
See above.
I was confused as to whether I should create the password encrypted or
whether postgres saves it encrypted.


The latter.

Jim

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to ma*******@postgresql.org)

Nov 23 '05 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
crypt() and md5()
by: | last post by:
I'm curious how these two functions work together (when crypt() uses a md5 algo). Currently I know they will produce different output; is this due to the salt being used behind-the-scenes in md5()?...
PHP
3
PHP Session security
by: Troot | last post by:
Hi all, I previously logged a question asking how to automatically log a user into Apache Basic Authentication without displaying the standard username/password dialog from the browser. I have...
PHP
2
Security question
by: JamesB | last post by:
I am half way through making a site you can only do certain stuff if logged in to. So far, you are logged in if there is a session variable with your username, but I got thinking that presumably...
PHP
2
security question
by: zuhans | last post by:
hello, i'm very new to postgres and have a fundamental question. how do i make a pg-db most secure? i feel, that pg_user e.g. ist something very dangerous - isn't it? if someone hacks into a...
PostgreSQL Database
2
User Login & Application Security
by: Patrick Blackman | last post by:
Hi, need some info on implementing a multiuser winforms application, specifically managing user logins and user preferences & access rights. Are there any frameworks out there for this. I don't...
C# / C Sharp
5
about high security field
by: Suresh | last post by:
Hi All I am designing DB2 database. I have some entities each has nearly 40-60 attributes. Each of these entity (table) have password, some other information as high security attribute. So...
DB2 Database
0
Security - 3DES and RC2
by: tshad | last post by:
I have been trying to create encoding/decoding functions for secure Credit Card information. I was looking at 3DES/MD5 and RC2/MD5. I found a simple function that seemed to work pretty well,...
Visual Basic .NET
4
System.Security.Cryptography.MD5.Create( ??? )
by: Jonathan Wood | last post by:
Does anyone know why the documentation for System.Security.Cryptography.MD5.Create() seems to omit completely any description of allowed arguments. I'm trying to convert some C++ code to C# and...
C# / C Sharp
6
System.Security.Cryptography.CryptographicException; bug in .NET 1.1 ?
by: andrew | last post by:
Hi, I have a web service application written in C# .NET 1.1 using MD5CryptoServiceProvider.ComputeHash(Byte) The problem is that after a while(web service processes requests) the call throws...
C# / C Sharp
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
BarryA
Navigating the Data Structures and Algorithms (DSA)
by: BarryA | last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
Algorithms / Advanced Math
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!