"Joshua b. Jore" <josh@greentechnologist.org> writes:
>> [ how to run batch scripts without embedding a password? ]
> Set the PGPASSWORD environment variable or supply it on STDIN. Your user
> environment may be visible to other users so PGPASSWORD may not be secure.
> I just don't mount /proc so I don't worry about that (I run OpenBSD which
> doesn't require /proc like linux tends to). You may also consider sending
> the password in on STDIN.
An even better answer is to not use password authentication, if
possible. If your platform supports IDENT auth for local (Unix-socket)
connections, that's a pretty good alternative IMHO. IDENT across
loopback (127.0.0.1) connections is also workable if you run an identd
daemon; this works on most every platform. I would not recommend IDENT
for remote connections though, unless you trust the admin of the remote
machine.
regards, tom lane
