Re: Differences in crypt hash? - Mailing list pgsql-docs

From Bruce Momjian
Subject Re: Differences in crypt hash?
Date
Msg-id 200108041828.f74ISPJ13625@candle.pha.pa.us
Whole thread Raw
In response to Re: Differences in crypt hash?  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: Differences in crypt hash?  (Richard Hodges <rh@matriplex.com>)
List pgsql-docs
> Richard Hodges <rh@matriplex.com> writes:
> > The problem is that my Solaris client does not authenticate against
> > my server (7.0.3 built on FreeBSD).
>
> Indeed, one of the nasty things about the 'crypt' authentication method
> is that it assumes the crypt() library call acts the same on both client
> and server machine.  As you've just discovered, that ain't always so.
>
> There have been plans for some time to supersede our present password
> auth methods with something more secure and portable (probably MD5
> double hashing at both ends).  I think Vince V. is working on that,
> but I've not heard anything about it lately.  You can read all about it
> in the pghackers mail archives if you care.

I am trying to get it done for 7.2.  I have Vince's md5 code.  I just
need to plug it into the authentication code.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026

pgsql-docs by date:

Previous
From: Tom Lane
Date:
Subject: Re: Differences in crypt hash?
Next
From: Richard Hodges
Date:
Subject: Re: Differences in crypt hash?