On Fri, Feb 21, 2014 at 6:15 PM, Greg Stark wrote:
> On Fri, Feb 21, 2014 at 10:18 PM, Daniel Farina wrote:
>> I'm still in interested in this idea and haven't found a good reason
>> to rescind the general thinking there.
>
> It's an interesting idea. I wonder if it would be possible to make it
>
On 02/21/2014 03:54 PM, Tomas Vondra wrote:
> Depends on how you define external utility. It certainly needs to be
> somehow integrated with the tools using .pgpass. Do you have something
> particular in mind?
Yeah, I was thinking that the ideal would to be to make this generically
pluggable, like
On Fri, Feb 21, 2014 at 10:18 PM, Daniel Farina wrote:
> I'm still in interested in this idea and haven't found a good reason
> to rescind the general thinking there.
It's an interesting idea. I wonder if it would be possible to make it
compatible with existing tools like ssh-agent instead of inv
On 22.2.2014 00:02, Josh Berkus wrote:
> On 02/21/2014 09:11 AM, Tomas Vondra wrote:
>> What I think might be useful and safe at the same time is encrypted
>> .pgpass with tools asking for the encryption key. Think of it as a simple
>> passord wallet - not really useful if you're connecting to a si
On 02/21/2014 09:11 AM, Tomas Vondra wrote:
> What I think might be useful and safe at the same time is encrypted
> .pgpass with tools asking for the encryption key. Think of it as a simple
> passord wallet - not really useful if you're connecting to a single
> database, very useful if you have man
On Fri, Feb 21, 2014 at 10:42 AM, Alvaro Herrera
wrote:
> I think this thread deserves more attention:
>
> http://www.postgresql.org/message-id/caazkufajufddfp1_vghbdfyru0sj6msovvkrp87acq53ov6...@mail.gmail.com
(I wrote that mail)
I'm still in interested in this idea and haven't found a good rea
I think this thread deserves more attention:
http://www.postgresql.org/message-id/caazkufajufddfp1_vghbdfyru0sj6msovvkrp87acq53ov6...@mail.gmail.com
--
Álvaro Herrerahttp://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
--
Sent via pgsql-hackers
On Fri, Feb 21, 2014 at 8:42 AM, Craig Ringer wrote:
> On 02/22/2014 12:20 AM, Alvaro Herrera wrote:
> > Jeff Janes escribió:
> >> On Fri, Feb 21, 2014 at 7:04 AM, Alvaro Herrera <
> alvhe...@2ndquadrant.com>wrote:
> >
> >>> If you were to have a mechanism by which
> >>> libpq can store an md5'd
Hi,
On 21 Únor 2014, 16:52, Christopher Browne wrote:
> On Fri, Feb 21, 2014 at 7:49 AM, firoz e v wrote:
>
>> Hi,
>>
>>
>>
>> Is there a way to store the password in ".pgpass" file in an encrypted
>> format (for example, to be used by pg_dump).
>>
>>
>>
>> Even though, there are ways to set the
On 02/21/2014 11:52 PM, Christopher Browne wrote:
>
> The thing you could do instead that would *look* like it is encrypted is
> to use a certificate (e.g. - SSL). The certificate that you'd need to
> put on the client still needs to be in something that is effectively
> plain text (however much
On 02/22/2014 12:20 AM, Alvaro Herrera wrote:
> Jeff Janes escribió:
>> On Fri, Feb 21, 2014 at 7:04 AM, Alvaro Herrera
>> wrote:
>
>>> If you were to have a mechanism by which
>>> libpq can store an md5'd password (or whatever hash) and send that md5
>>> to the server and have the server accept
Jeff Janes escribió:
> On Fri, Feb 21, 2014 at 7:04 AM, Alvaro Herrera
> wrote:
> > If you were to have a mechanism by which
> > libpq can store an md5'd password (or whatever hash) and send that md5
> > to the server and have the server accept it to grant a connection, then
> > the md5 has, in
On Fri, Feb 21, 2014 at 7:04 AM, Alvaro Herrera wrote:
> Euler Taveira wrote:
> > On 21-02-2014 09:49, firoz e v wrote:
> > > Even though, there are ways to set the permissions on .pgpass, to
> disallow any access to world or group, the security rules of many
> organizations disallow to hold any k
On Fri, Feb 21, 2014 at 7:49 AM, firoz e v wrote:
> Hi,
>
>
>
> Is there a way to store the password in ".pgpass" file in an encrypted
> format (for example, to be used by pg_dump).
>
>
>
> Even though, there are ways to set the permissions on .pgpass, to disallow
> any access to world or group,
On 2014-02-21 12:04:47 -0300, Alvaro Herrera wrote:
> You could instead try to have an authentication agent that stores an
> encrypted password or certificate and asks the user to supply the key to
> decrypt it when trying to establish a connection; but that would force
> you to require user interv
Euler Taveira wrote:
> On 21-02-2014 09:49, firoz e v wrote:
> > Even though, there are ways to set the permissions on .pgpass, to disallow
> > any access to world or group, the security rules of many organizations
> > disallow to hold any kind of passwords, as plain text.
> >
> Is your goal hid
On 21-02-2014 09:49, firoz e v wrote:
> Even though, there are ways to set the permissions on .pgpass, to disallow
> any access to world or group, the security rules of many organizations
> disallow to hold any kind of passwords, as plain text.
>
Is your goal hiding the password in .pgpass? You
Hi,
On 21/02/14 11:15, Alvaro Herrera wrote:
> Maybe you can memfrob() the password to encrypt it before writing, and
> then memfrob() it back before applying it. Would that be secure?
From `man memfrob`:
Note that this function is not a proper encryption routine as the XOR
constant is fixed,
firoz e v wrote:
> Hi,
>
> Is there a way to store the password in ".pgpass" file in an encrypted format
> (for example, to be used by pg_dump).
>
> Even though, there are ways to set the permissions on .pgpass, to disallow
> any access to world or group, the security rules of many organization
On 21 February 2014 13:49, firoz e v wrote:
> Hi,
>
>
>
> Is there a way to store the password in “.pgpass” file in an encrypted
> format (for example, to be used by pg_dump).
>
>
>
> Even though, there are ways to set the permissions on .pgpass, to disallow
> any access to world or group, the s
Hi,
Is there a way to store the password in ".pgpass" file in an encrypted format
(for example, to be used by pg_dump).
Even though, there are ways to set the permissions on .pgpass, to disallow any
access to world or group, the security rules of many organizations disallow to
hold any kind of
21 matches
Mail list logo
