Thread: forcing postgresql 7.3 to use crypt passwords

forcing postgresql 7.3 to use crypt passwords

From
Kenny Drobnack
Date:
We currently have multiple databases running different versions of
postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
databases, it encrypts their passwords with md5, which is not supported
in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
encryption for passwords when creating users?

Apologies if this message shows up twice. It didn't seem to be going
thru when I sent it without subscribing.

--
Kenny Drobnack


Re: forcing postgresql 7.3 to use crypt passwords

From
Tom Lane
Date:
Kenny Drobnack <kenny@jumpline.com> writes:
> We currently have multiple databases running different versions of
> postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
> databases, it encrypts their passwords with md5, which is not supported
> in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
> encryption for passwords when creating users?

AFAIR the previous approach was not to encrypt passwords at all in
pg_shadow.  You can still do that with ALTER USER ... UNENCRYPTED PASSWORD
(also there's a setting to make this the default behavior).

            regards, tom lane

Re: forcing postgresql 7.3 to use crypt passwords

From
Kenny Drobnack
Date:
On Wed, 2003-12-31 at 12:20, Tom Lane wrote:
> Kenny Drobnack <kenny@jumpline.com> writes:
> > We currently have multiple databases running different versions of
> > postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
> > databases, it encrypts their passwords with md5, which is not supported
> > in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
> > encryption for passwords when creating users?
>
> AFAIR the previous approach was not to encrypt passwords at all in
> pg_shadow.  You can still do that with ALTER USER ... UNENCRYPTED PASSWORD
> (also there's a setting to make this the default behavior).
>
>             regards, tom lane

Thanks! I got it figured out. I add "password_encryption = false" to
postgresql.conf and did ALTER USER ... PASSWORD on all the users. Then,
found some docs that said the crypt encryption option only encrypts
passwords going across network connections, not in the database. So I've
set that as the authorization method in pg_hba.conf. So we've got
passwords encrypted everywhere except in pg_shadow. It'll due till we
get everything upgraded to 7.3 or preferably 7.4.


--
Kenny