Thread: Password authentication disabled due to MD5 usage

Password authentication disabled due to MD5 usage

From
Peter Schuller
Date:
Hello,

since I upgraded PostgreSQL it now stores passwords in MD5 format. When
I try connecting using password authentication, i get:

Jan  9 12:22:24 prometheus postgres[28540]: [2] LOG:  Password is stored
MD5 encrypted.  'password' and 'crypt' auth methods cannot be used.

Now, if password and crypt are no longer available, how am I supposed to
connect through TCP at all? Assuming I don't want to set up kerberos or
something just to get PostgreSQL working :)

The the more important question is, how do I change this back? In the
current situation I couldn't care less about this type of security
because everything is done on the loopback interface so plain text is
fine. I just need to be able to connect using password authentication
(I'm using JDBC).

Any pointers are greatly appreciated. Thanks!

--
/ Peter Schuller, InfiDyne Technologies HB

PGP userID: 0xE9758B7D or 'Peter Schuller <peter.schuller@infidyne.com>'
Key retrival: Send an E-Mail to getpgpkey@scode.org
E-Mail: peter.schuller@infidyne.com Web: http://www.scode.org





Re: Password authentication disabled due to MD5 usage

From
Bruce Momjian
Date:
The recommendation is to use MD5.  However, 7.3.1 has a fix so you can
use 'password' again.

---------------------------------------------------------------------------

Peter Schuller wrote:
> Hello,
>
> since I upgraded PostgreSQL it now stores passwords in MD5 format. When
> I try connecting using password authentication, i get:
>
> Jan  9 12:22:24 prometheus postgres[28540]: [2] LOG:  Password is stored
> MD5 encrypted.  'password' and 'crypt' auth methods cannot be used.
>
> Now, if password and crypt are no longer available, how am I supposed to
> connect through TCP at all? Assuming I don't want to set up kerberos or
> something just to get PostgreSQL working :)
>
> The the more important question is, how do I change this back? In the
> current situation I couldn't care less about this type of security
> because everything is done on the loopback interface so plain text is
> fine. I just need to be able to connect using password authentication
> (I'm using JDBC).
>
> Any pointers are greatly appreciated. Thanks!
>
> --
> / Peter Schuller, InfiDyne Technologies HB
>
> PGP userID: 0xE9758B7D or 'Peter Schuller <peter.schuller@infidyne.com>'
> Key retrival: Send an E-Mail to getpgpkey@scode.org
> E-Mail: peter.schuller@infidyne.com Web: http://www.scode.org
>
>
>
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
>     (send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
>

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

Re: Password authentication disabled due to MD5 usage

From
Peter Schuller
Date:
> The recommendation is to use MD5.  However, 7.3.1 has a fix so you can
> use 'password' again.

Ok - thanks!

--
/ Peter Schuller, InfiDyne Technologies HB

PGP userID: 0xE9758B7D or 'Peter Schuller <peter.schuller@infidyne.com>'
Key retrival: Send an E-Mail to getpgpkey@scode.org
E-Mail: peter.schuller@infidyne.com Web: http://www.scode.org