On 19/12/2025 17:14, Fujii Masao wrote:
> On Fri, Dec 19, 2025 at 5:53 PM John Naylor <johncnaylorls@gmail.com> wrote:
>>
>> On Thu, Dec 18, 2025 at 2:31 PM Mikael Gustavsson
>> <mikael.gustavsson@smhi.se> wrote:
>>> This patch updates some examples in documentation client-auth.sgml from md5 to scram-sha-256
>>> Reference:
https://www.postgresql.org/message-id/176595607507.978865.11597773194269211255%40wrigleys.postgresql.org
>>
>> Pushed and backpatched to PG18, thanks!
>
> This change made me wonder whether we should also update the
> pg_hba.conf examples
> in high-availability.sgml and logical-replication.sgml. I've attached
> a patch for that. Thoughts?
+1
Let's update this example in createuser.sgml too while we're at it:
> <para>
> To create the user <literal>joe</literal> as a superuser,
> and assign a password immediately:
> <screen>
> <prompt>$ </prompt><userinput>createuser -P -s -e joe</userinput>
> <computeroutput>Enter password for new role: </computeroutput><userinput>xyzzy</userinput>
> <computeroutput>Enter it again: </computeroutput><userinput>xyzzy</userinput>
> <computeroutput>CREATE ROLE joe PASSWORD 'md5b5f5ba1a423792b526f799ae4eb3d59e' SUPERUSER CREATEDB CREATEROLE INHERIT
LOGIN;</computeroutput>
> </screen>
> In the above example, the new password isn't actually echoed when typed,
> but we show what was typed for clarity. As you see, the password is
> encrypted before it is sent to the client.
> </para>
I get this output for that command now:
$ createuser -P -s -e joe
Enter password for new role:
Enter it again:
SELECT pg_catalog.set_config('search_path', '', false);
CREATE ROLE joe PASSWORD
'SCRAM-SHA-256$4096:vrJL1JVwK9VyDQ+XmGk2lg==$K32pX1bdFx3J+LeBcFpUOmaBnIUIduAexL+ufLYz/MI=:O6gxeGemIC3wbqEWMZXKAMOnQ5A1hM07nEu7KeSrEiE='
SUPERUSER CREATEDB CREATEROLE INHERIT LOGIN NOREPLICATION NOBYPASSRLS;
- Heikki
