Re: sunsetting md5 password support

2024-12-02 Thread Nathan Bossart
On Wed, Nov 20, 2024 at 08:17:07PM -0500, Greg Sabino Mullane wrote: > Sounds good to me. I think my hesitation was more that the hint was > overpromising help, so big +1 to more detail and keeping it. Committed. If anyone wants to try putting together a patch that expands the "migrating to SCRAM

Re: sunsetting md5 password support

2024-11-20 Thread Greg Sabino Mullane
On Wed, Nov 20, 2024 at 11:33 AM Nathan Bossart wrote: > After thinking about this some more, I'm actually finding myself leaning > towards leaving the hint and potentially adding more detail to the > documentation as a follow-up patch. Sounds good to me. I think my hesitation was more that the

Re: sunsetting md5 password support

2024-11-20 Thread Nathan Bossart
On Wed, Nov 20, 2024 at 10:56:11AM -0500, Greg Sabino Mullane wrote: > On Tue, Nov 19, 2024 at 8:55 PM Nathan Bossart > wrote: > >> * Expand the documentation. Perhaps we could add a step-by-step guide >> for migrating to SCRAM-SHA-256 since more users will need to do so when >> MD5 password sup

Re: sunsetting md5 password support

2024-11-20 Thread Greg Sabino Mullane
On Tue, Nov 19, 2024 at 8:55 PM Nathan Bossart wrote: > * Expand the documentation. Perhaps we could add a step-by-step guide > for migrating to SCRAM-SHA-256 since more users will need to do so when > MD5 password support is removed. > * Remove the hint. It's arguably doing little more than po

Re: sunsetting md5 password support

2024-11-19 Thread Nathan Bossart
On Tue, Nov 19, 2024 at 07:29:27PM -0500, Greg Sabino Mullane wrote: > I just took a fresh look at / compiled this patch, and it all works as > advertised. My one minor nit is this hint: > > HINT: Refer to the PostgreSQL documentation for details about migrating to > another password type. > > W

Re: sunsetting md5 password support

2024-11-19 Thread Greg Sabino Mullane
I just took a fresh look at / compiled this patch, and it all works as advertised. My one minor nit is this hint: HINT: Refer to the PostgreSQL documentation for details about migrating to another password type. We don't really have that in the docs, as near as I can tell, the closest is 20.5 wh

Re: sunsetting md5 password support

2024-11-19 Thread Nathan Bossart
I've gotten a couple of reviews on this patch, and the thread has been quiet for a while now, so I'm considering committing this soon. There is still plenty of time to make any adjustments that are suggested post-commit. -- nathan

Re: sunsetting md5 password support

2024-10-28 Thread Nathan Bossart
On Mon, Oct 28, 2024 at 04:10:29PM -0500, Jim Nasby wrote: > Patch itself looks good, but it does leave me wondering if cleartext > should also be deprecated? I see that Tom has already chimed in on this point. In any case, this is probably a topic for another thread. > Might also be worth menti

Re: sunsetting md5 password support

2024-10-28 Thread Tom Lane
Jim Nasby writes: > Patch itself looks good, but it does leave me wondering if cleartext should > also be deprecated? Not much point unless we also deprecate all of the other auth methods that require cleartext password transmission, which from a quick scan include PAM, BSD, LDAP, and RADIUS. S

Re: sunsetting md5 password support

2024-10-28 Thread Jim Nasby
> On Oct 28, 2024, at 3:21 PM, Greg Sabino Mullane wrote: > > On Sat, Oct 26, 2024 at 11:55 AM Nathan Bossart > wrote: >> rebased > > Patch applied without issue and looks good to me. Patch itself looks good, but it does leave me wondering if cleartext should

Re: sunsetting md5 password support

2024-10-28 Thread Greg Sabino Mullane
On Sat, Oct 26, 2024 at 11:55 AM Nathan Bossart wrote: > rebased > Patch applied without issue and looks good to me. Cheers, Greg

Re: sunsetting md5 password support

2024-10-26 Thread Nathan Bossart
rebased -- nathan From 0f867b4b560c83f33b448df5a9b20a6d61ba2611 Mon Sep 17 00:00:00 2001 From: Nathan Bossart Date: Fri, 11 Oct 2024 16:21:09 -0500 Subject: [PATCH v3 1/1] Deprecate MD5 passwords. MD5 has been considered to be unsuitable for use as a cryptographic hash algorithm for some time.

Re: sunsetting md5 password support

2024-10-16 Thread Nathan Bossart
On Fri, Oct 11, 2024 at 04:36:27PM -0500, Nathan Bossart wrote: > Here is a first attempt at a patch for marking MD5 passwords as deprecated. > It's quite bare-bones at the moment, so I anticipate future revisions will > add more content. Besides sprinkling several deprecation notices > throughout

Re: sunsetting md5 password support

2024-10-11 Thread Nathan Bossart
On Fri, Oct 11, 2024 at 09:47:58AM -0400, Andrew Dunstan wrote: > On 2024-10-10 Th 6:28 PM, Tom Lane wrote: >> On the whole I agree with Heikki's comment that we should just >> do it (disallow MD5, full stop) whenever we feel that enough >> time has passed. These intermediate states are mostly goi

Re: sunsetting md5 password support

2024-10-11 Thread Andrew Dunstan
On 2024-10-10 Th 6:28 PM, Tom Lane wrote: Andrew Dunstan writes: Hmm, yeah. It would be easy enough to prevent MD5 passwords in things like CREATE ROLE / ALTER ROLE, but harder to check for MD5 if there are direct updates to pg_authid. Maybe we need to teach pg_dumpall a way to do that as a w

Re: sunsetting md5 password support

2024-10-10 Thread Laurenz Albe
On Thu, 2024-10-10 at 18:39 -0400, Tom Lane wrote: > Jesper Pedersen writes: > > On 10/10/24 5:45 PM, Heikki Linnakangas wrote: > > > Note that some authentication methods like LDAP and Radius use > > > "password" authentication on the wire. > > > Please, deprecate - aka remove - old methods. >

Re: sunsetting md5 password support

2024-10-10 Thread Tom Lane
Jesper Pedersen writes: > On 10/10/24 5:45 PM, Heikki Linnakangas wrote: >> Note that some authentication methods like LDAP and Radius use >> "password" authentication on the wire. > Please, deprecate - aka remove - old methods. > All client libraries have caught up, and if they haven't then it t

Re: sunsetting md5 password support

2024-10-10 Thread Daniel Gustafsson
> On 11 Oct 2024, at 00:28, Tom Lane wrote: > On the whole I agree with Heikki's comment that we should just > do it (disallow MD5, full stop) whenever we feel that enough > time has passed. These intermediate states are mostly going to > add headaches. Maybe we could do something with an inter

Re: sunsetting md5 password support

2024-10-10 Thread Tom Lane
Andrew Dunstan writes: > Hmm, yeah. It would be easy enough to prevent MD5 passwords in things > like CREATE ROLE / ALTER ROLE, but harder to check for MD5 if there are > direct updates to pg_authid. Maybe we need to teach pg_dumpall a way to > do that as a workaround? That seems like a pretty

Re: sunsetting md5 password support

2024-10-10 Thread Jesper Pedersen
On 10/10/24 5:45 PM, Heikki Linnakangas wrote: On 11/10/2024 00:03, Bruce Momjian wrote: On Wed, Oct  9, 2024 at 10:30:15PM +0200, Jelte Fennema-Nio wrote: On Wed, 9 Oct 2024 at 21:55, Nathan Bossart wrote: In this message, I propose a multi-year, incremental approach to remove MD5 password

Re: sunsetting md5 password support

2024-10-10 Thread Jelte Fennema-Nio
On Thu, 10 Oct 2024 at 23:45, Heikki Linnakangas wrote: > I wouldn't recommend it if SCRAM is available, but yeah, with TLS and > sslmode=verify-full, it's secure enough. Agreed, I'd definitely still recommend SCRAM over password. A big downside of "password" auth over TLS is that plaintext passw

Re: sunsetting md5 password support

2024-10-10 Thread Heikki Linnakangas
On 11/10/2024 00:03, Bruce Momjian wrote: On Wed, Oct 9, 2024 at 10:30:15PM +0200, Jelte Fennema-Nio wrote: On Wed, 9 Oct 2024 at 21:55, Nathan Bossart wrote: In this message, I propose a multi-year, incremental approach to remove MD5 password support from Postgres. +many for the general id

Re: sunsetting md5 password support

2024-10-10 Thread Bruce Momjian
On Wed, Oct 9, 2024 at 10:30:15PM +0200, Jelte Fennema-Nio wrote: > On Wed, 9 Oct 2024 at 21:55, Nathan Bossart wrote: > > In this message, I propose a multi-year, incremental approach to remove MD5 > > password support from Postgres. > > +many for the general idea > > I think it makes sense to

Re: sunsetting md5 password support

2024-10-10 Thread Nathan Bossart
On Thu, Oct 10, 2024 at 02:11:53AM +0300, Heikki Linnakangas wrote: > My feeling is that it would be less confusing to users to just disallow md5 > passwords in one release. I'm not sure these intermediate steps are really > doing anyone any favors. As I'm reading the various responses in this thr

Re: sunsetting md5 password support

2024-10-10 Thread Andrew Dunstan
On 2024-10-09 We 7:11 PM, Heikki Linnakangas wrote: On 09/10/2024 22:55, Nathan Bossart wrote: In this message, I propose a multi-year, incremental approach to remove MD5 password support from Postgres. +1 2. In v19, allow upgrading with MD5 passwords and allow authenticating wi

Re: sunsetting md5 password support

2024-10-10 Thread Christoph Moench-Tegeder
## Heikki Linnakangas (hlinn...@iki.fi): > This is a bit weird state. What exactly is "upgrading"? I guess you > mean pg_upgrade, but lots of people use pg_dump & restore or logical > replication or something else entirely for upgrading. That's > indistinguishable from setting a pre-hashed MD5 pas

Re: sunsetting md5 password support

2024-10-09 Thread Heikki Linnakangas
On 09/10/2024 22:55, Nathan Bossart wrote: In this message, I propose a multi-year, incremental approach to remove MD5 password support from Postgres. +1 2. In v19, allow upgrading with MD5 passwords and allow authenticating with them, but disallow creating new ones (i.e., restrict/r

Re: sunsetting md5 password support

2024-10-09 Thread Jacob Champion
On Wed, Oct 9, 2024 at 1:44 PM Jonathan S. Katz wrote: > On 10/9/24 3:55 PM, Nathan Bossart wrote: > > 1. In v18, continue to support MD5 passwords, but place several notes in > > the documentation and release notes that unambiguously indicate that > > MD5 password support is deprec

Re: sunsetting md5 password support

2024-10-09 Thread Jonathan S. Katz
On 10/9/24 3:55 PM, Nathan Bossart wrote: In this message, I propose a multi-year, incremental approach to remove MD5 password support from Postgres. +100; thanks for a concrete proposal. Cutting out the "well-understood" problems bit. > Given there is a battle-tested alternative to MD5, I pro

Re: sunsetting md5 password support

2024-10-09 Thread Greg Sabino Mullane
Big +1 to the idea, but it's not going to be pretty; there is a lot of baked-in MD5 stuff around. > 2. In v19, allow upgrading with MD5 passwords and allow authenticating > with them, but disallow creating new ones (i.e., restrict/remove > password_encryption and don't allow setting

Re: sunsetting md5 password support

2024-10-09 Thread Jelte Fennema-Nio
On Wed, 9 Oct 2024 at 21:55, Nathan Bossart wrote: > In this message, I propose a multi-year, incremental approach to remove MD5 > password support from Postgres. +many for the general idea I think it makes sense to also remove the "password" authentication option while we're at it (this can cur

sunsetting md5 password support

2024-10-09 Thread Nathan Bossart
In this message, I propose a multi-year, incremental approach to remove MD5 password support from Postgres. The problems with MD5 password hashes in Postgres are well-understood, so I won't discuss them in too much detail here. But suffice it to say that MD5 has been considered to be unsuitable f