Thread: hardcode password in connect string
Hi:
PG v9.5.2 on RHEL
I like to use an alias to connect to my favorite DBs but don't like to enter passwords. I used to just disable passwords (working behind a firewall), but this one is different. I see nothing in the interactive connect string where I can enter the password...
psql -h thehost -U memyselfi mydb
Missing something like "-p mypassword"
Is there a way I can stick the pw in the linux alias definition ?
Just thinking something like this may be available since hardcoded passwords are supported in perl/dbi, pg driver
Thanks !
Is setting it as an environment variable an option? https://www.postgresql.org/docs/9.1/static/libpq-envars.html
Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq-pgservice.html
Jim
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq-pgservice.html
Jim
On April 13, 2018 2:43:01 PM EDT, David Gauthier <davegauthierpg@gmail.com> wrote:
Hi:PG v9.5.2 on RHELI like to use an alias to connect to my favorite DBs but don't like to enter passwords. I used to just disable passwords (working behind a firewall), but this one is different. I see nothing in the interactive connect string where I can enter the password...psql -h thehost -U memyselfi mydbMissing something like "-p mypassword"Is there a way I can stick the pw in the linux alias definition ?Just thinking something like this may be available since hardcoded passwords are supported in perl/dbi, pg driverThanks !
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
On 04/13/2018 12:46 PM, James Keener wrote:
Is setting it as an environment variable an option? https://www.postgresql.org/docs/9.1/static/libpq-envars.htmlThis is usually done in ~/.pgpass
Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq-pgservice.html
JimOn April 13, 2018 2:43:01 PM EDT, David Gauthier <davegauthierpg@gmail.com> wrote:Hi:PG v9.5.2 on RHELI like to use an alias to connect to my favorite DBs but don't like to enter passwords. I used to just disable passwords (working behind a firewall), but this one is different. I see nothing in the interactive connect string where I can enter the password...psql -h thehost -U memyselfi mydbMissing something like "-p mypassword"Is there a way I can stick the pw in the linux alias definition ?Just thinking something like this may be available since hardcoded passwords are supported in perl/dbi, pg driverThanks !
--
Sent from my Android device with K-9 Mail. Please excuse my brevity.
PGPASSWORD env var works fine.
Thanks !
On Fri, Apr 13, 2018 at 2:46 PM, James Keener <jim@jimkeener.com> wrote:
Is setting it as an environment variable an option? https://www.postgresql.org/docs/9.1/static/libpq-envars. html
Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq- pgservice.html
Jim--On April 13, 2018 2:43:01 PM EDT, David Gauthier <davegauthierpg@gmail.com> wrote:Hi:PG v9.5.2 on RHELI like to use an alias to connect to my favorite DBs but don't like to enter passwords. I used to just disable passwords (working behind a firewall), but this one is different. I see nothing in the interactive connect string where I can enter the password...psql -h thehost -U memyselfi mydbMissing something like "-p mypassword"Is there a way I can stick the pw in the linux alias definition ?Just thinking something like this may be available since hardcoded passwords are supported in perl/dbi, pg driverThanks !
Sent from my Android device with K-9 Mail. Please excuse my brevity.
Hello David,
I think so, the parameter you need in psql command is -w mipassword.
But, you have to understand that use this form or set PGPASSWORD aren't safer.
Exist a file (pg_hba.conf) for this process ir task.
Regards
Obtener Outlook para Android
From: David Gauthier <davegauthierpg@gmail.com>
Sent: Friday, April 13, 2018 3:51:33 PM
To: James Keener
Cc: pgsql-generallists.postgresql.org
Subject: Re: hardcode password in connect string
Sent: Friday, April 13, 2018 3:51:33 PM
To: James Keener
Cc: pgsql-generallists.postgresql.org
Subject: Re: hardcode password in connect string
PGPASSWORD env var works fine.
Thanks !
On Fri, Apr 13, 2018 at 2:46 PM, James Keener <jim@jimkeener.com> wrote:
Is setting it as an environment variable an option? https://www.postgresql.org/docs/9.1/static/libpq-envars. html
Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq- pgservice.html
Jim--On April 13, 2018 2:43:01 PM EDT, David Gauthier <davegauthierpg@gmail.com> wrote:Hi:PG v9.5.2 on RHELI like to use an alias to connect to my favorite DBs but don't like to enter passwords. I used to just disable passwords (working behind a firewall), but this one is different. I see nothing in the interactive connect string where I can enter the password...psql -h thehost -U memyselfi mydbMissing something like "-p mypassword"Is there a way I can stick the pw in the linux alias definition ?Just thinking something like this may be available since hardcoded passwords are supported in perl/dbi, pg driverThanks !
Sent from my Android device with K-9 Mail. Please excuse my brevity.
On 15/04/18 12:35, Ricardo Martin Gomez wrote: > Hello David, > I think so, the parameter you need in psql command is -w mipassword. Sorry, this is not correct. -w causes psql *never* to prompt for a password, and -W forces a password prompt. Neither allows the password to be passed as an argument - I don't think that this is possible with psql. Details here: https://www.postgresql.org/docs/10/static/app-psql.html Ray. -- Raymond O'Donnell :: Galway :: Ireland rod@iol.ie
2018-04-15 17:16 GMT+02:00 Raymond O'Donnell <rod@iol.ie>:
On 15/04/18 12:35, Ricardo Martin Gomez wrote:Hello David,
I think so, the parameter you need in psql command is -w mipassword.
Sorry, this is not correct. -w causes psql *never* to prompt for a password, and -W forces a password prompt. Neither allows the password to be passed as an argument - I don't think that this is possible with psql.
You're right, that's not possible (as an argument). And it is a security *feature*.
Details here:
https://www.postgresql.org/docs/10/static/app-psql.html
Ray.
--
Guillaume.
El 15/04/18 a las 12:16, Raymond O'Donnell escribió: > On 15/04/18 12:35, Ricardo Martin Gomez wrote: >> Hello David, >> I think so, the parameter you need in psql command is -w mipassword. > > Sorry, this is not correct. -w causes psql *never* to prompt for a > password, and -W forces a password prompt. Neither allows the password > to be passed as an argument - I don't think that this is possible with > psql. It is possible, you just have to construct the whole string: psql "host=thehost dbname=mydatabase user=memyselfi password=mypassword" Still, the best option, and the most secure, is to use a .pgpass file. The psql invocation with it's password will very likely end in .bash_history and alike. Regards, -- Martín Marqués http://www.2ndQuadrant.com/ PostgreSQL Development, 24x7 Support, Training & Services