Home > mailing lists

Re: ssl and/or md5 encryption - Mailing list pgsql-admin

From	Michael Fuhr
Subject	Re: ssl and/or md5 encryption
Date	December 6, 2005 05:55:33
Msg-id	20051206064619.GA70020@winnie.fuhr.org Whole thread Raw
In response to	ssl and/or md5 encryption (Colton A Smith <smith@cs.utk.edu>)
List	pgsql-admin

Tree view

On Wed, Nov 30, 2005 at 08:24:34AM -0500, Colton A Smith wrote:
>   I specify md5 encryption in my pg_hba.conf file.  Would using SSL on
> top of this be overkill?

Specifying md5 in pg_hba.conf affects only password authentication;
everything else will be sent in cleartext.

What's your threat model?  What do you want to secure?  Just
authentication, or data transfer as well?

--
Michael Fuhr

pgsql-admin by date:

From: "Niv Cohen"
Date: 06 December 2005, 05:08:07
Subject: Database testing.

From: "Karthik.S"
Date: 06 December 2005, 14:28:42
Subject: error while creating database

Re: ssl and/or md5 encryption - Mailing list pgsql-admin

Previous

Next