On Wed, Jul 9, 2025 at 9:57 AM Alpaslan AKDAĞ <alpaslanak...@gmail.com> wrote:
> Is it expected behavior that users created with scram-sha-256 passwords > can still connect via md5 in pg_hba.conf? Yes. From the docs: > To ease transition from the md5 method to the newer SCRAM method, if md5 is > specified as a method in pg_hba.conf but the user's password on the > server is encrypted for SCRAM (see below), then SCRAM-based authentication > will automatically be chosen instead. You can think of "md5" inside pg_hba.conf as "md5 or better" As a result, some users are able to connect, while others cannot. Can you expand on this? Nothing you have done should be preventing logins, as far as I can tell. Best solution: Upgrade everyone to scram, then change md5 to scram in pg_hba.conf and never look back. -- Cheers, Greg -- Crunchy Data - https://www.crunchydata.com Enterprise Postgres Software Products & Tech Support
