> Best solution: Upgrade everyone to scram, then change md5 to scram in
> pg_hba.conf and never look back.
>
To expand more on the "upgrade everyone to scram", that means force all
users to set a new password while using scram (which should be the
default). You can do it yourself by getting a list
On Wed, Jul 9, 2025 at 11:26 AM David G. Johnston <
david.g.johns...@gmail.com> wrote:
> On Wed, Jul 9, 2025 at 8:09 AM Ron Johnson
> wrote:
>
>> That requires setting the password to null and then recreating the
>> password, no?
>>
>
> You might want to verify that claim, and suggest a doc patch
On Wed, 2025-07-09 at 11:09 -0400, Ron Johnson wrote:
> > Best solution: Upgrade everyone to scram, then change md5 to scram
> > in pg_hba.conf and never look back.
>
> That requires setting the password to null and then recreating the
> password, no? Otherwise IIRC, changing an md5 password leav
On Wed, Jul 9, 2025 at 8:09 AM Ron Johnson wrote:
> That requires setting the password to null and then recreating the
> password, no?
>
You might want to verify that claim, and suggest a doc patch or bug fix if
you find it to be true - I sure don't see anything that remotely suggests
this.
Dav
On Wed, Jul 9, 2025 at 11:11 AM Adrian Klaver
wrote:
> On 7/9/25 06:56, Alpaslan AKDAĞ wrote:
> > Hello all
> >
>
> > As a result, some users are able to connect, while others cannot.
>
> What client is being used and what version of said client?
>
This is a salient point:clients from the pre-PG
On 7/9/25 06:56, Alpaslan AKDAĞ wrote:
Hello all
As a result, some users are able to connect, while others cannot.
What client is being used and what version of said client?
Best regards,
Alpaslan
--
Adrian Klaver
adrian.kla...@aklaver.com
On Wed, Jul 9, 2025 at 10:59 AM Greg Sabino Mullane
wrote:
> On Wed, Jul 9, 2025 at 9:57 AM Alpaslan AKDAĞ
> wrote:
>
>> Is it expected behavior that users created with scram-sha-256 passwords
>> can still connect via md5 in pg_hba.conf?
>
>
> Yes. From the docs:
>
>> To ease transition from the
On Wed, Jul 9, 2025 at 9:57 AM Alpaslan AKDAĞ
wrote:
> Is it expected behavior that users created with scram-sha-256 passwords
> can still connect via md5 in pg_hba.conf?
Yes. From the docs:
> To ease transition from the md5 method to the newer SCRAM method, if md5 is
> specified as a method i
On Wed, Jul 9, 2025 at 6:57 AM Alpaslan AKDAĞ
wrote:
>
>1. In such a case, what would be the recommended approach or best
>practice to follow during upgrades in order to avoid this kind of issue?
>
> This is all described quite clearly in the documentation, including the
upgrade procedure
Hello all
We have recently upgraded our PostgreSQL instances from version 13 to 16.
During the upgrade, we also changed the password_encryption setting in
postgresql.conf to scram-sha-256.
Before the upgrade, we used pg_dumpall --roles-only to export all users and
their MD5-hashed passwords. Afte
10 matches
Mail list logo
