Discussion:
forcing postgresql 7.3 to use crypt passwords
(too old to reply)
Kenny Drobnack
2003-12-31 16:12:44 UTC
Permalink
We currently have multiple databases running different versions of
postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
databases, it encrypts their passwords with md5, which is not supported
in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
encryption for passwords when creating users?

Apologies if this message shows up twice. It didn't seem to be going
thru when I sent it without subscribing.
--
Kenny Drobnack


---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
Tom Lane
2003-12-31 17:20:06 UTC
Permalink
Post by Kenny Drobnack
We currently have multiple databases running different versions of
postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
databases, it encrypts their passwords with md5, which is not supported
in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
encryption for passwords when creating users?
AFAIR the previous approach was not to encrypt passwords at all in
pg_shadow. You can still do that with ALTER USER ... UNENCRYPTED PASSWORD
(also there's a setting to make this the default behavior).

regards, tom lane

---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
Kenny Drobnack
2003-12-31 17:31:56 UTC
Permalink
Post by Tom Lane
Post by Kenny Drobnack
We currently have multiple databases running different versions of
postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
databases, it encrypts their passwords with md5, which is not supported
in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
encryption for passwords when creating users?
AFAIR the previous approach was not to encrypt passwords at all in
pg_shadow. You can still do that with ALTER USER ... UNENCRYPTED PASSWORD
(also there's a setting to make this the default behavior).
regards, tom lane
Thanks! I got it figured out. I add "password_encryption = false" to
postgresql.conf and did ALTER USER ... PASSWORD on all the users. Then,
found some docs that said the crypt encryption option only encrypts
passwords going across network connections, not in the database. So I've
set that as the authorization method in pg_hba.conf. So we've got
passwords encrypted everywhere except in pg_shadow. It'll due till we
get everything upgraded to 7.3 or preferably 7.4.
--
Kenny


---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
Loading...