Thread: catch password on Postgres server

catch password on Postgres server

From
"Bing Du"
Date:
Greetings,

Postgres 7.4 running on RedHat 9.

We are trying to migrate a MS SQL server based comertial application
software to a Postgres database.  We know what password that application
uses to connect to the MS SQL database.  The password has five letters.
We've set up the same user on the Postgres server.  However, when the
application software connects to the Postgres database through the
PostgreSQL ODBC driver, the Postgres server always shows 'password
authentication for user ...' in the log file.  I even tried all the
permutations of the letters in various cases that make up the password.
None works.  I'm completely lost.  Is there anyway on the server side to
see what was  submitted in the password field by the application from the
client side?

Any help would be greatly appreciated.

Bing

Re: catch password on Postgres server

From
Richard Huxton
Date:
On Thursday 29 January 2004 19:42, Bing Du wrote:
> Greetings,
>
> Postgres 7.4 running on RedHat 9.
>
> We are trying to migrate a MS SQL server based comertial application
> software to a Postgres database.  We know what password that application
> uses to connect to the MS SQL database.

> Is there anyway on the server side to
> see what was  submitted in the password field by the application from the
> client side?

Don't think you can get to the password without changing the code. I can think
of two options:
1. In src/backend/libpq/auth.c search for "echo password to logs" and change
the ereport() to log the password rather than not to. Reply to this if C
isn't your thing.

2. Use tcpdump -s 255 port 5432 and see what's going over the wire. You'd need
to set plaintext passwords though.

Before any of this though, make sure you can connect from Access using that
password.
--
  Richard Huxton
  Archonet Ltd

Re: catch password on Postgres server

From
"Bing Du"
Date:
Thanks very much, Richard, for your response.  Yes, I've verified other
ODBC applications can connect fine using the same password.  I'll try your
suggestions.  I've not used C for many years.

Bing

> On Thursday 29 January 2004 19:42, Bing Du wrote:
>> Greetings,
>>
>> Postgres 7.4 running on RedHat 9.
>>
>> We are trying to migrate a MS SQL server based comertial application
>> software to a Postgres database.  We know what password that application
>> uses to connect to the MS SQL database.
>
>> Is there anyway on the server side to
>> see what was  submitted in the password field by the application from
>> the
>> client side?
>
> Don't think you can get to the password without changing the code. I can
> think
> of two options:
> 1. In src/backend/libpq/auth.c search for "echo password to logs" and
> change
> the ereport() to log the password rather than not to. Reply to this if C
> isn't your thing.
>
> 2. Use tcpdump -s 255 port 5432 and see what's going over the wire. You'd
> need
> to set plaintext passwords though.
>
> Before any of this though, make sure you can connect from Access using
> that
> password.
> --
>   Richard Huxton
>   Archonet Ltd
>


Re: catch password on Postgres server

From
"Bing Du"
Date:
Regarding of changing ereport(), what's its syntax supposed to be?  Would

ereport(LOG, (buf.data))

echo password to logs?

Appreciate any help as always,

Bing

> On Thursday 29 January 2004 19:42, Bing Du wrote:
>> Greetings,
>>
>> Postgres 7.4 running on RedHat 9.
>>
>> We are trying to migrate a MS SQL server based comertial application
>> software to a Postgres database.  We know what password that application
>> uses to connect to the MS SQL database.
>
>> Is there anyway on the server side to
>> see what was  submitted in the password field by the application from
>> the
>> client side?
>
> Don't think you can get to the password without changing the code. I can
> think
> of two options:
> 1. In src/backend/libpq/auth.c search for "echo password to logs" and
> change
> the ereport() to log the password rather than not to. Reply to this if C
> isn't your thing.
>
> 2. Use tcpdump -s 255 port 5432 and see what's going over the wire. You'd
> need
> to set plaintext passwords though.
>
> Before any of this though, make sure you can connect from Access using
> that
> password.
> --
>   Richard Huxton
>   Archonet Ltd
>


Re: catch password on Postgres server

From
Tom Lane
Date:
"Bing Du" <bdu@iastate.edu> writes:
> Regarding of changing ereport(), what's its syntax supposed to be?  Would
> ereport(LOG, (buf.data))
> echo password to logs?

See
http://www.postgresql.org/docs/7.4/static/error-message-reporting.html

            regards, tom lane