Home > mailing lists

Re: [HACKERS] SCRAM authentication, take three - Mailing list pgsql-hackers

From	Craig Ringer
Subject	Re: [HACKERS] SCRAM authentication, take three
Date	April 10, 2017 11:57:26
Msg-id	CAMsr+YHB7sgRoMgj+x2DLHQ1pRt3YPF+xk4W0HR_g+0PRFDAUQ@mail.gmail.com Whole thread Raw
In response to	Re: [HACKERS] SCRAM authentication, take three (Michael Paquier <michael.paquier@gmail.com>)
Responses	Re: [HACKERS] SCRAM authentication, take three (Craig Ringer <craig@2ndquadrant.com>)
List	pgsql-hackers

Tree view

On 10 April 2017 at 12:34, Michael Paquier <michael.paquier@gmail.com> wrote:

> Attached is a patch to hopefully make the discussion progress. I
> simply propose to use sasl as a keyword for pg_hba.conf, on the basis
> that SASL is the protocol used, and scram is a mechanism used to
> achieve the SASL exchange. We can always come up with a set of options
> and aliases later, I am actually open to have more fancy extra options
> in pg_hba.conf.

I'd really like to see this approach proceed.

pg_hba.conf isn't the most user-friendly thing in the world, and seems
to be one of the top sources of confusion for new users. Simple is
good here IMO.

Let users specify 'scram' and negotiate.

-- Craig Ringer                   http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training & Services

pgsql-hackers by date:

From: Michael Paquier
Date: 10 April 2017, 11:42:50
Subject: Re: [HACKERS] scram and \password

From: Craig Ringer
Date: 10 April 2017, 11:57:38
Subject: Re: [HACKERS] SCRAM authentication, take three

Re: [HACKERS] SCRAM authentication, take three - Mailing list pgsql-hackers

Previous

Next