Postgres Pro
Downloads
Home   >   mailing lists

Thread: PASSWORD vs. md5('somepass')

PASSWORD vs. md5('somepass')

From
Alexander Reichstadt
Date:
Hi,

I look for a way to reproduce the encrypted string stored as a password by means other than using the CREATE ROLE
command.

When using CREATE ROLE........PASSWORD 'somepass' the resulting string for rolpassword in pg_authid always starts with
md5,suggesting it would create some md5 string. So I thought to use SELECT md5('somepass') to get the same. 

But the two strings differ. Is there a function that does that outside the create role context?

Thanks
Alex

Re: PASSWORD vs. md5('somepass')

From
Josh Kupershmidt
Date:
On Tue, Mar 20, 2012 at 8:28 AM, Alexander Reichstadt <lxr@mac.com> wrote:
> Hi,
>
> I look for a way to reproduce the encrypted string stored as a password by means other than using the CREATE ROLE
command.
>
> When using CREATE ROLE........PASSWORD 'somepass' the resulting string for rolpassword in pg_authid always starts
withmd5, suggesting it would create some md5 string. So I thought to use SELECT md5('somepass') to get the same. 
>
> But the two strings differ. Is there a function that does that outside the create role context?

See pg_authid's explanation of the rolpassword column:
  http://www.postgresql.org/docs/9.1/static/catalog-pg-authid.html

which you can reproduce via:
  SELECT 'md5' || MD5(role_password_here || role_name_here);

Josh

Re: PASSWORD vs. md5('somepass')

From
Alexander Reichstadt
Date:
Thanks, I was here <http://www.postgresql.org/docs/9.1/static/sql-createrole.html>.

Am 20.03.2012 um 16:55 schrieb Josh Kupershmidt:

On Tue, Mar 20, 2012 at 8:28 AM, Alexander Reichstadt <lxr@mac.com> wrote:
Hi,

I look for a way to reproduce the encrypted string stored as a password by means other than using the CREATE ROLE command.

When using CREATE ROLE........PASSWORD 'somepass' the resulting string for rolpassword in pg_authid always starts with md5, suggesting it would create some md5 string. So I thought to use SELECT md5('somepass') to get the same.

But the two strings differ. Is there a function that does that outside the create role context?

See pg_authid's explanation of the rolpassword column:
 http://www.postgresql.org/docs/9.1/static/catalog-pg-authid.html

which you can reproduce via:
 SELECT 'md5' || MD5(role_password_here || role_name_here);

Josh

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general