On 05/25/2015 08:41 PM, Yves Dorfsman wrote:
> On 2015-05-25 17:58, Adrian Klaver wrote:
>> On 05/25/2015 01:41 PM, Francisco Reyes wrote:
>>> On multiple machines, should the MD5 be the same?
>>> using
>>> select rolname, rolpassword,rolcanlogin from pg_catalog.pg_authid where
>>> rolname = 'SomeUser';
>>>
>>> Should the MD5 be the same?
>>
>> I understood that is just a md5 hash of the password and the username with the
>> string md5 pre-appended, so it should be the same.
>
> On version 9 definitely, as documented:
> http://www.postgresql.org/docs/9.3/static/catalog-pg-authid.html
>
> "The MD5 hash will be of the user's password concatenated to their user name.
> For example, if user joe has password xyzzy, PostgreSQL will store the md5
> hash of xyzzyjoe."
>
>
> Although I'm surprised it's not seeded, or even using a strong hash, but
> that's a different subject.
See here for more detail:
http://www.postgresql.org/docs/9.4/static/protocol-flow.html
AuthenticationMD5Password
>
--
Adrian Klaver
adrian.klaver@aklaver.com
