Home > mailing lists

Re: [ADMIN] Passwords in clear text in server log - Mailing list pgsql-admin

From	Don Seiler
Subject	Re: [ADMIN] Passwords in clear text in server log
Date	October 11, 2017 22:25:49
Msg-id	CAHJZqBAYL38oUd=Vh2n3e7FoB+S-mR9N0ya=gS656do22sKgKw@mail.gmail.com Whole thread Raw
In response to	Re: [ADMIN] Passwords in clear text in server log (Stephen Frost <sfrost@snowman.net>)
List	pgsql-admin

Tree view

On Wed, Oct 11, 2017 at 11:19 AM, Stephen Frost <sfrost@snowman.net> wrote:

As I understand it, you're in an Active Directory environment, where
what you really want to be using for authentication is Kerberos / GSSAPI,
not LDAP. With LDAP, the password is still sent to the PG server in
cleartext during the authentication and that's entirely unnecessary in
an Active Directory environment where you have a Kerberos realm already
in place.

Yes thanks for this info. I'll read up on Kerberos auth and change my long-term plan on that accordingly.

Thanks,

Don.

Don Seiler
www.seiler.us

pgsql-admin by date:

From: Stephen Frost
Date: 11 October 2017, 22:19:14
Subject: Re: [ADMIN] Passwords in clear text in server log

From: Alvaro Herrera
Date: 12 October 2017, 01:43:23
Subject: Re: [ADMIN] Passwords in clear text in server log

Re: [ADMIN] Passwords in clear text in server log - Mailing list pgsql-admin

Previous

Next