Hi Stephen,

* Stephen Frost <sfr...@snowman.net> [04/03/2015 01:45:56] wrote:
> Aaron,
>
> * Aaron Zauner (a...@azet.org) wrote:
> > Debian ships a set of Perl scripts to configure for PostgreSQL server
> > configurations, these are quite outdated and are currently configuring
> > authentication to use MD5 when 'password' should be used instead.
>
> Uh, no, using 'password' is far worse, and uniformly so, than using md5.
> I have no idea why anyone would think it's better to store a cleartext
> version of your password in the pg_authid data (note that pg_shadow is
> only a view now, I replaced it long ago when I rewrote the user/group
> system to be role-based).
>

I assumed 'password' is an alias for a stronger hashing scheme. Mea culpa, I should have read the source code, not only the package content and upstream defaults. I was not aware that 'password' is indeed 'plaintext'.

> Absolutely no would be the answer.

Given your explanation I totally agree here. I'm good to close this - but let's wait if mik replies to this as well.

> The PG community has long been discussing the possibility of providing a
> new authentication mechanism to replace the md5 one, but anyone who
> actually cares about security will be using Kerberos or Certificate
> based authentication anyway, so it hasn't been a priority.

Agreed - most enterprise or cloud deployments I've been involved with use either PKIX or Kerberos. This is a good security measure. Replacing MD5 would be nice as well (scrypt, bcrypt?). But I guess a Debian bug report is the wrong place to discuss this.

Thanks for clearing this up & your quick reply,
Aaron
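The point settled in the exchange above is that the `password` method in pg_hba.conf means a cleartext password, so a packaging script that emits it is weaker than one that emits `md5`. The following shell script is an added example, not part of the bug report, of the Debian packaging scripts, or of PostgreSQL itself. It audits a pg_hba.conf for entries whose METHOD column is `password` (cleartext on the wire) or `trust` (no credential required at all) and leaves `md5`, `cert`, `gss` (Kerberos) and `peer` lines alone. The sample pg_hba.conf embedded in the script is constructed for the demonstration; the column layout it assumes (TYPE, DATABASE, USER, optional ADDRESS, METHOD) is the real pg_hba.conf format.

```shell
#!/bin/sh
# Added example (not from the bug report, Debian's packaging or PostgreSQL):
# audit a pg_hba.conf for authentication methods that send the password in
# cleartext or require no password at all.

# Constructed sample pg_hba.conf for this demo. It mixes a weak 'password'
# line and a 'trust' line with md5, cert and gss (Kerberos) entries.
SAMPLE_HBA='# TYPE  DATABASE  USER  ADDRESS         METHOD
local   all       all                   peer
host    all       all   127.0.0.1/32    password
host    all       all   10.0.0.0/8      md5
hostssl all       all   0.0.0.0/0       cert
host    all       all   192.168.1.0/24  trust
host    all       all   ::1/128         gss'

# Print every line of the pg_hba.conf given as $1 whose METHOD is
# 'password' or 'trust', prefixed with its line number. Comments and blank
# lines are skipped. 'local' lines have no ADDRESS column, so the method is
# field 4 there and field 5 for host/hostssl/hostnossl lines. Trailing
# options (e.g. map=...) follow the method and do not affect the check.
find_cleartext_auth() {
    awk '
        /^[[:space:]]*#/ || NF == 0 { next }
        {
            method = ($1 == "local") ? $4 : $5
            if (method == "password" || method == "trust")
                print NR ": " $0
        }' "$1"
}

# Return the number of weak entries in the file given as $1.
count_cleartext_auth() {
    find_cleartext_auth "$1" | wc -l | tr -d ' '
}

# Stand-alone run against the constructed sample.
tmp=$(mktemp)
printf '%s\n' "$SAMPLE_HBA" > "$tmp"
echo "Weak pg_hba.conf entries (cleartext password or no password):"
find_cleartext_auth "$tmp"
echo "Total: $(count_cleartext_auth "$tmp")"
rm -f "$tmp"
```

Run it as `sh audit_hba.sh` to see the two flagged lines from the sample, or call `find_cleartext_auth /etc/postgresql/<version>/main/pg_hba.conf` (path is the usual Debian location, adjust for your install) to check a real configuration. The script reports only what the thread discusses: `password` and the even weaker `trust`; the `md5`, `cert` and `gss` entries that Stephen points to as the acceptable options pass unflagged. As a side note on the "replacing MD5" remark, PostgreSQL 10 later added `scram-sha-256` as the stronger password method; an audit like this one can be extended to flag `md5` as well once a deployment has moved to it.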