Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Bruce Momjian
Tom Lane wrote: > Neil Conway <[EMAIL PROTECTED]> writes: > > How many pre-7.2 clients are actually out there? If 'crypt' authentication > > is deprecated in 7.2, is there any chance it will be removed in > > 7.3? If it is, it should be safe to switch to the scheme I mentioned > > in my previous e

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Tom Lane
Neil Conway <[EMAIL PROTECTED]> writes: > How many pre-7.2 clients are actually out there? If 'crypt' authentication > is deprecated in 7.2, is there any chance it will be removed in > 7.3? If it is, it should be safe to switch to the scheme I mentioned > in my previous email, which is both less c

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Bruce Momjian
Tom Lane wrote: > Neil Conway <[EMAIL PROTECTED]> writes: > > IMHO, there are two separate processes going on here: > > The connection you are missing is that hashed password storage is > incompatible with crypt-style password transmission. If we force > hashed storage then the only password tra

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Neil Conway
On Thu, 25 Apr 2002 13:32:27 -0400 "Tom Lane" <[EMAIL PROTECTED]> wrote: > Neil Conway <[EMAIL PROTECTED]> writes: > > IMHO, there are two separate processes going on here: > > The connection you are missing is that hashed password storage is > incompatible with crypt-style password transmission.

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Bruce Momjian
OK, I remember now. 'Password' is fine for MD5-encrypted pg_shadow because you are using the password supplied over the wire to compare to the md5. (Of course, no one should be using 'password'.) It is 'crypt' that is the problem. You get a random salted crypted password from the user, and you

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Neil Conway
On Thu, 25 Apr 2002 01:50:32 -0400 (EDT) "Bruce Momjian" <[EMAIL PROTECTED]> wrote: > Neil Conway wrote: > > Hi all, > > > > Why does the password_encryption GUC variable default to false? > > > > AFAICT there shouldn't be any issues with client compatibility -- in > > fact, I'd be inclined to r

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-25 Thread Tom Lane
Neil Conway <[EMAIL PROTECTED]> writes: > IMHO, there are two separate processes going on here: The connection you are missing is that hashed password storage is incompatible with crypt-style password transmission. If we force hashed storage then the only password transmission style available to

Re: [HACKERS] md5 passwords and pg_shadow

2002-04-24 Thread Bruce Momjian
Neil Conway wrote: > Hi all, > > Why does the password_encryption GUC variable default to false? > > AFAICT there shouldn't be any issues with client compatibility -- in > fact, I'd be inclined to rip out all support for storing cleartext > passwords... It is false so passwords can be handled b

[HACKERS] md5 passwords and pg_shadow

2002-04-24 Thread Neil Conway
Hi all, Why does the password_encryption GUC variable default to false? AFAICT there shouldn't be any issues with client compatibility -- in fact, I'd be inclined to rip out all support for storing cleartext passwords... Cheers, Neil -- Neil Conway <[EMAIL PROTECTED]> PGP Key ID: DB3C29FC -