On Thu, Jul 19, 2018 at 5:46 AM, Marco van Eck <marco.van...@gmail.com> wrote:
> Since .pgpass files contain plain-text passwords, I searched for an
> alternative.
> In the attached patch I've added the possibility to run a command to produce
> the content of the pgpass file, in exactly the same format. In this way I
> could use gpg or any other command to decrypt a pgpass file. It will prefer
> the .pgpass file and will not call the command.
>
> This would be my environment variable, to have no plain-text password:
> PGPASSCOMMAND="gpg -q -d pgpass.gpg"
>
> Other usages of the variable:
> PGPASSCOMMAND="cat pgpass"
> PGPASSCOMMAND="curl http://passwords/really-unsecure-pgpass"
> PGPASSCOMMAND="my-own-secure-pgpass-script"
Hi Marco

I've heard requests for encrypted .pgpass files before, and I've always been a bit confused about how an unattended system is supposed to decrypt them. If the key is in the configuration file or local filesystem, it feels like you haven't really added much security over a plaintext password, since an attacker who can steal the .pgpass file can steal those things too. There are other database systems out there where passwords are held in an encrypted form but with only a small amount of digging on the internet you can find out how to decrypt them. Seems a bit bogus, at first glance anyway.

Here you sidestep those questions completely and make that the end user's problem. I like it.

--
Thomas Munro
http://www.enterprisedb.com
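To make the proposed lookup order concrete, here is an added example (not Marco's patch and not libpq code) that models it in Python: the .pgpass file is preferred, and only when it is absent is the hypothetical PGPASSCOMMAND run, with its stdout parsed in the same pgpass format (five colon-separated fields, `*` wildcards, backslash escapes for `:` and `\`). The sample pgpass content and the function names are constructed for this example.

```python
import os
import subprocess

# Constructed sample in pgpass format: hostname:port:database:username:password
SAMPLE_PGPASS = "localhost:5432:*:alice:s3cret\n*:*:reports:bob:pa\\:ss\n"

def split_pgpass_line(line):
    """Split one pgpass line into its 5 fields; a backslash escapes ':' and '\\'."""
    fields, cur, i = [], [], 0
    while i < len(line):
        c = line[i]
        if c == "\\" and i + 1 < len(line):
            cur.append(line[i + 1])
            i += 2
            continue
        if c == ":" and len(fields) < 4:
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(c)
        i += 1
    fields.append("".join(cur))
    return fields if len(fields) == 5 else None

def lookup_password(content, host, port, dbname, user):
    """First matching line wins; '*' in any of the first four fields matches anything."""
    wanted = (host, str(port), dbname, user)
    for raw in content.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = split_pgpass_line(line)
        if fields and all(f == "*" or f == w for f, w in zip(fields[:4], wanted)):
            return fields[4]
    return None

def load_pgpass_content(pgpass_path, command=None):
    """Prefer the .pgpass file; only when it is absent run PGPASSCOMMAND (hypothetical)."""
    if os.path.exists(pgpass_path):
        with open(pgpass_path) as f:
            return f.read()
    command = command or os.environ.get("PGPASSCOMMAND")
    if not command:
        return ""
    # The command's stdout must be in pgpass format; a failing command yields no password.
    proc = subprocess.run(command, shell=True, capture_output=True, text=True)
    return proc.stdout if proc.returncode == 0 else ""

if __name__ == "__main__":
    print(lookup_password(SAMPLE_PGPASS, "localhost", 5432, "app", "alice"))
```

Because the command runs with the calling user's privileges and environment, the same file-permission discipline that applies to .pgpass applies to the script or key material the command relies on.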