Re: [HACKERS] SCRAM auth and Pgpool-II - Mailing list pgsql-hackers

From Chapman Flack
Subject Re: [HACKERS] SCRAM auth and Pgpool-II
Date
Msg-id 59683096.60801@anastigmatix.net
In response to Re: [HACKERS] SCRAM auth and Pgpool-II  (Tatsuo Ishii <ishii@sraoss.co.jp>)
Responses Re: [HACKERS] SCRAM auth and Pgpool-II
List pgsql-hackers
On 07/13/17 21:54, Tatsuo Ishii wrote:
>>> The comment in pg_hba.conf.sample seems to prefer md5 over clear text
>>> password.
>>>
>>> # Note that "password" sends passwords in clear text; "md5" or
>>> # "scram-sha-256" are preferred since they send encrypted passwords.
>>
>> Should that be reworded to eliminate "md5"? I'd consider "scram-sha-256"
>> suitable over a clear channel, but I've never recommended "md5" for that.
> 
> I don't think so unless clear text password is superior to md5.

Neither is suitable on an unencrypted channel (as has been repeatedly
observed back to 2005 at least [1], so I guess I'm not spilling the beans).
At last, scram-sha-256 is an option that is believable for that use.

So, allowing that neither "password" nor "md5" should ever be used on
an unencrypted channel, as long as the channel is encrypted they are both
protected (by the channel encryption) from eavesdropping, so they score
a tie on that dimension. For a tiebreaker, you could look at the
consequences of revealing rolpassword from pg_authid. On that dimension,
with "md5" you have revealed a password-equivalent, while with "password"
you have not [2], so on that dimension "password" indeed is superior to
"md5".

-Chap

[1]: https://www.postgresql.org/message-id/8764ygc7i6.fsf%40stark.xeocode.com
[2]:
https://www.postgresql.org/message-id/20050421190637.GF29028%40ns.snowman.net
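To make the tiebreaker above concrete, here is an added Python example (not code from this thread, from PostgreSQL or from libpq) that implements both verifier formats as PostgreSQL documents them and the server-side check of each auth method: the md5 check derives its expected answer from the stored row alone, while the SCRAM check needs a proof that only the password can produce. Usernames, passwords, salts and the AuthMessage used with it are constructed values.

```python
import base64
import hashlib
import hmac

def md5_rolpassword(password: str, user: str) -> str:
    """pg_authid.rolpassword for an md5 verifier: "md5" + hex(md5(password || user))."""
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()

def md5_client_response(password: str, user: str, salt: bytes) -> str:
    """What libpq answers to AuthenticationMD5Password (salt is the 4-byte challenge)."""
    inner = md5_rolpassword(password, user)[3:]
    return "md5" + hashlib.md5(inner.encode() + salt).hexdigest()

def md5_server_check(rolpassword: str, salt: bytes, client_response: str) -> bool:
    """Server side of the "md5" method. The expected answer is computed from the
    stored row alone, so a leaked rolpassword is a password-equivalent here."""
    expected = "md5" + hashlib.md5(rolpassword[3:].encode() + salt).hexdigest()
    return hmac.compare_digest(expected, client_response)

def _scram_keys(password: str, salt: bytes, iterations: int):
    # RFC 5802 key derivation; a real server SASLpreps the password first (omitted).
    salted = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    client_key = hmac.new(salted, b"Client Key", hashlib.sha256).digest()
    server_key = hmac.new(salted, b"Server Key", hashlib.sha256).digest()
    return client_key, hashlib.sha256(client_key).digest(), server_key

def scram_rolpassword(password: str, salt: bytes, iterations: int = 4096) -> str:
    """SCRAM-SHA-256 verifier as PostgreSQL 10+ stores it: only StoredKey =
    SHA256(ClientKey) and ServerKey land in the row, never ClientKey itself."""
    _, stored_key, server_key = _scram_keys(password, salt, iterations)
    b64 = lambda b: base64.b64encode(b).decode()
    return f"SCRAM-SHA-256${iterations}:{b64(salt)}${b64(stored_key)}:{b64(server_key)}"

def scram_client_proof(password: str, salt: bytes, iterations: int,
                       auth_message: bytes) -> bytes:
    """Client side: proof = ClientKey XOR HMAC(StoredKey, AuthMessage). Building it
    requires ClientKey, which only the password yields."""
    client_key, stored_key, _ = _scram_keys(password, salt, iterations)
    sig = hmac.new(stored_key, auth_message, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(client_key, sig))

def scram_server_check(rolpassword: str, auth_message: bytes, proof: bytes) -> bool:
    """Server side: unmask ClientKey from the proof and hash it. Holding the row
    (StoredKey) is not enough to forge a proof, since SHA-256 is one-way."""
    stored_key = base64.b64decode(rolpassword.split("$")[2].split(":")[0])
    sig = hmac.new(stored_key, auth_message, hashlib.sha256).digest()
    client_key = bytes(a ^ b for a, b in zip(proof, sig))
    return hmac.compare_digest(hashlib.sha256(client_key).digest(), stored_key)
```

Note that md5_server_check never sees the password, only the row, which is exactly why revealing rolpassword under "md5" reveals a password-equivalent, whereas a "password" or scram-sha-256 client still has to know the password itself.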