By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
464,689 Members | 1,101 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 464,689 IT Pros & Developers. It's quick & easy.

db security (md5)

P: n/a
I wanted to use md5 authentication method for my pg db. I was initially
using a trust method and I noticed when I switched to md5 I had to assign a
password to the user postgres as it was created without one. Here do I pass
an md5 encrypted string? Also everytime I connect via perl's DBI do I have
to pass it the encrypted string (if so which perl module for md5 encryption
is the best to use?)
I was confused as to whether I should create the password encrypted or
whether postgres saves it encrypted.
Sally

__________________________________________________ _______________
FREE pop-up blocking with the new MSN Toolbar get it now!
http://toolbar.msn.com/go/onm00200415ave/direct/01/
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to ma*******@postgresql.org

Nov 23 '05 #1
Share this Question
Share on Google+
2 Replies

P: n/a
On Mon, 19 Apr 2004, Sally Sally wrote:
I wanted to use md5 authentication method for my pg db. I was initially
using a trust method and I noticed when I switched to md5 I had to assign a
password to the user postgres as it was created without one. Here do I pass
an md5 encrypted string? Also everytime I connect via perl's DBI do I have
to pass it the encrypted string (if so which perl module for md5 encryption
is the best to use?)
I was confused as to whether I should create the password encrypted or
whether postgres saves it encrypted.
Sally


The md5 stuff should be handled by the database and the connection layer
invisibly to you. i.e. when I use php, if it's set to md5 auth, I just
use a connect string like this:

$connect = pg_connect("host=myserver name=bubba password=secretword");

and I'm in. Same goes for setting the password via psql or whatnot:

alter user test with password 'abc';
select * from pg_shadow;
(SNIP)
test | 103 (SNIP) | md5f7dc2e1937940bb8486274edc88cc3c5
---------------------------(end of broadcast)---------------------------
TIP 6: Have you searched our list archives?

http://archives.postgresql.org

Nov 23 '05 #2

P: n/a
"Sally Sally" <de*****@hotmail.com> wrote:

I wanted to use md5 authentication method for my pg db. I was initially
using a trust method and I noticed when I switched to md5 I had to assign a
password to the user postgres as it was created without one. Here do I pass
an md5 encrypted string?
No. md5 just refers to the way it's stored in pgsql.
Also everytime I connect via perl's DBI do I have
to pass it the encrypted string (if so which perl module for md5 encryption
is the best to use?)
See above.
I was confused as to whether I should create the password encrypted or
whether postgres saves it encrypted.


The latter.

Jim

---------------------------(end of broadcast)---------------------------
TIP 2: you can get off all lists at once with the unregister command
(send "unregister YourEmailAddressHere" to ma*******@postgresql.org)

Nov 23 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.