Thread: M$oft Win95, ODBC and 'crypt-ed' Passwords

M$oft Win95, ODBC and 'crypt-ed' Passwords

From
Paul Roberts
Date:
Relative newbie here ....

I'm hoping to use PostgreSQL to host the busier tables on a Student
Administation DBMS for three small HE colleges which we're developing at
the moment.  The front-end clients will be M$-Access on Win95/NT4.0
boxes.

ODBC is working fine.  However, I'm none-too-keen on routinely sending
unencrypted passwords over the Internet link between the different sites
at the moment of connection.

One solution is to edit pg_hba.conf to mask host access on IP number and
trust the hosts. Errm, no thanks....

The other solution which works is to send open passwords over the link -
I'd rather not do this.

pg_hba.conf also offers ident server authentication : I know nothing of
this, but does it pertain to the M$ platform?

It also offers crypt / decrypt, which UN&X/Linux could offer, but is
there a M$ en-crypting solution?

Have any others found a way around this problem?  Is there a best
solution?

Regards
Paul


Re: [INTERFACES] M$oft Win95, ODBC and 'crypt-ed' Passwords

From
Byron Nikolaidis
Date:
Paul Roberts wrote:

> ODBC is working fine.  However, I'm none-too-keen on routinely sending
> unencrypted passwords over the Internet link between the different sites
> at the moment of connection.
>
> It also offers crypt / decrypt, which UN&X/Linux could offer, but is
> there a M$ en-crypting solution?
>

Currently, the odbc driver can't handle the encrypting passwords option of
authentication.
When the request comes back from postgres to encrypt the password with the
"salt", the driver will just error out, saying that authentication type is
not supported.  Same for kerberos 4/5 authentication.

I hope to add encrypted passwords someday.

I noticed the jdbc driver has some encryption algorithm built in.  Can
someone please elaborate on that, like where did you get it, or did you
write it, etc??

Byron



Re: [INTERFACES] M$oft Win95, ODBC and 'crypt-ed' Passwords

From
Paul Roberts
Date:
Byron Nikolaidis wrote:

> Paul Roberts wrote:
>
> > ODBC is working fine.  However, I'm none-too-keen on routinely sending
> > unencrypted passwords over the Internet link between the different sites
> > at the moment of connection.
> >
> > It also offers crypt / decrypt, which UN&X/Linux could offer, but is
> > there a M$ en-crypting solution?
> >
>
> Currently, the odbc driver can't handle the encrypting passwords option of
> authentication.
> When the request comes back from postgres to encrypt the password with the
> "salt", the driver will just error out, saying that authentication type is
> not supported.  Same for kerberos 4/5 authentication.
>
> I hope to add encrypted passwords someday.
>
> I noticed the jdbc driver has some encryption algorithm built in.  Can
> someone please elaborate on that, like where did you get it, or did you
> write it, etc??

OK, that's fine.  I gather what you have in mind is that the driver would do
the crypting - neat!

BTW the driver is great!  As a complete newbie in both postgreSQL and ODBC
terms, I got it up with no pain.  (The only glitch was needing to run
postmaster with -i, which subsequently looking at this list seems to be an old
chestnut.)

Paul