Home > mailing lists

BUG #15035: scram-sha-256 blocks all logins - Mailing list pgsql-bugs

From	David G. Johnston
Subject	BUG #15035: scram-sha-256 blocks all logins
Date	January 30, 2018 10:37:53
Msg-id	CAKFQuwbthtxsDcf1YqYO4JiC3KeoejeuJsfWk6pFaSpauHAoaA@mail.gmail.com Whole thread Raw
In response to	Re: BUG #15035: scram-sha-256 blocks all logins (Meirav Rath <meirav.rath@imperva.com>)
Responses	RE: BUG #15035: scram-sha-256 blocks all logins
List	pgsql-bugs

Tree view

On Monday, January 29, 2018, Meirav Rath <meirav.rath@imperva.com> wrote:

I set up the password hashing method to scram and now no one can login to the server and that's not a bug??

If we understand the problem correctly, no, it's not a bug: changing the password type setting after deployment requires some work to change pre-existing roles. It is not possible for the server to do it for you, the passwords being encrypted.

I think the short answer is to setup pg_hba.conf so you can get a superuser login without a password (peer or trust) and then alter the superuser password and create/alter any users you want with new password in scram format.

David J.

pgsql-bugs by date:

From: Meirav Rath
Date: 30 January 2018, 10:12:37
Subject: Re: BUG #15035: scram-sha-256 blocks all logins

From: Tom Lane
Date: 30 January 2018, 10:40:53
Subject: Re: BUG #15035: scram-sha-256 blocks all logins

BUG #15035: scram-sha-256 blocks all logins - Mailing list pgsql-bugs

Previous

Next