On Mon, Jul 12, 2004 at 02:18:40PM -0400, Bruce Momjian wrote:
> > >> Something that bugged me a lot is that I tried to find the format of the
> > >> file for testing the patch, and I couldn't find anything anywhere in the
> > >> docs. Apparently the docs for the file were ripped with the docs for
> > >> the pg_passwd utility when it was ripped before the 7.3 release.
>
> I was confused by this. What docs for the password file did we have?
I see this in 7.2 docs. This is not mentioned anywhere in current docs.
Does it work with other auth mechanisms (md5, crypt)?
<para>
The format of a text password file is one entry per line; the fields
of each entry are separated by colons. The first field is the user
name, the second field is the encrypted password. Other fields are
ignored (to allow password files to be shared between applications
that use similar formats). <application>pg_passwd</application>
enables users to interactively add entries to such a file, to alter
passwords of existing entries, and to encrypt such passwords.
</para>
[...]
<para>
To make use of this password file, put a line like the following in
<filename>pg_hba.conf</filename>:
<programlisting>
host mydb 133.65.96.250 255.255.255.255 password passwords
</programlisting>
which would allow access to database mydb from host 133.65.96.250 using
the passwords listed in the <filename>passwords</filename> file (and
only to the users listed in that file).
</para>
<note>
<para>
It is also useful to have entries in a password file with empty
password fields. (This is different from an empty password.) Such
entries allow you to restrict users who can access the system. These
entries cannot be managed by <application>pg_passwd</application>,
but you can edit password files manually.
</para>
</note>
--
Alvaro Herrera (<alvherre[a]dcc.uchile.cl>)
"La primera ley de las demostraciones en vivo es: no trate de usar el sistema.
Escriba un guión que no toque nada para no causar daños." (Jakob Nielsen)