Thread: cleartext password catch-22
postgresql version = 7.1
platform = linux intel

Hi.

I guess this isn't really a bug since it's acknowledged by the docs in auth-methods.html:

'Alternative passwords cannot be used when using the crypt method. The file will still be evaluated as usual but the password field will simply be ignored and the pg_shadow password will be used'

but here's my problem. I'm trying to get rid of all cleartext passwords: on the filesystem and sent over the wire.

Using 'CREATE USER' generates $PGDATA/global/pg_pwd that has cleartext passwords. Setting up pg_hba.conf with a record like:

    host somedb somehost 255.255.255.255 password

and you get cleartext passwords over the wire. Changing the hba record to:

    host somedb somehost 255.255.255.255 crypt

you get encrypted passwords over the wire. Half of the problem solved.

You can use pg_passwd to generate a file with encrypted passwords and use it as the 6th field in pg_hba.conf like:

    host somedb somehost 255.255.255.255 crypt somepasswdfile

but I get a client authentication failure and the server logs say:

    Password authentication failed for user 'someuser'

Changing the record back to:

    host somedb somehost 255.255.255.255 password somepasswdfile

authentication is successful but you get cleartext passwords over the wire.

Hence the catch-22: you can have encrypted passwords on the filesystem but cleartext passwords over the wire OR you can have encrypted passwords on the filesystem but cleartext passwords over the wire.

Thanks.
Mike
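
The combinations described in the post, as an added example that is not part of the original message: a Python audit of pg_hba.conf `host` records that reports, for each one, whether the password crosses the wire in cleartext and whether the password file is actually consulted. The field layout is assumed from the records quoted above; the sample addresses and the names `audit_hba` and `fully_protected` are constructed for illustration.

```python
# Added example, not from the original post. Assumed 7.1 "host" record layout,
# taken from the records quoted in the post:
#   host DBNAME IP_ADDRESS ADDRESS_MASK AUTHTYPE [PASSWORD_FILE]

# Constructed sample input modelled on the post's records (addresses are made up).
SAMPLE_HBA = """\
# one record per auth method / password file combination from the post
host somedb 192.0.2.10 255.255.255.255 password
host somedb 192.0.2.11 255.255.255.255 crypt
host somedb 192.0.2.12 255.255.255.255 crypt somepasswdfile
host somedb 192.0.2.13 255.255.255.255 password somepasswdfile
"""

WIRE = {"password": "cleartext", "crypt": "encrypted"}


def audit_hba(text):
    """Classify each password/crypt host record by wire and storage exposure."""
    rows = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()  # strip comments, split on whitespace
        if len(fields) < 5 or fields[0] != "host" or fields[4] not in WIRE:
            continue  # other record types and auth methods are out of scope here
        method = fields[4]
        pwfile = fields[5] if len(fields) > 5 else None
        # Per the docs quoted in the post, crypt ignores the file's password
        # field and checks against pg_shadow instead.
        file_used = pwfile is not None and method == "password"
        rows.append({
            "line": lineno,
            "method": method,
            "wire": WIRE[method],
            "verified_against": pwfile if file_used else "pg_shadow",
            "pwfile_ignored": pwfile is not None and not file_used,
        })
    return rows


def fully_protected(rows):
    """Records with an encrypted wire exchange AND file-based (pg_passwd) secrets."""
    return [r for r in rows
            if r["wire"] == "encrypted" and r["verified_against"] != "pg_shadow"]


if __name__ == "__main__":
    for r in audit_hba(SAMPLE_HBA):
        print(r)
    print("records with both protections:", fully_protected(audit_hba(SAMPLE_HBA)))
```

On the sample, the `crypt somepasswdfile` record is reported with `pwfile_ignored` set, and no record ends up with both an encrypted exchange and a file-based password.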