Thread: Should we really recommend "-A md5 or -A password"?
Hi, I just came across this: "Also, specify -A md5 or -A password so that the default trust authentication mode is not used;" https://www.postgresql.org/docs/current/creating-cluster.html Shouldn't we change that to "-A scram-sha-256" ? Regards Daniel
On Tue, May 31, 2022 at 2:29 PM Daniel Westermann (DWE) <daniel.westermann@dbi-services.com> wrote:
Hi,
I just came across this:
"Also, specify -A md5 or -A password so that the default trust authentication mode is not used;"
https://www.postgresql.org/docs/current/creating-cluster.html
Shouldn't we change that to "-A scram-sha-256" ?
Yes I think we absolutely should!
On 5/31/22 8:35 AM, Magnus Hagander wrote: > > > On Tue, May 31, 2022 at 2:29 PM Daniel Westermann (DWE) > <daniel.westermann@dbi-services.com > <mailto:daniel.westermann@dbi-services.com>> wrote: > > Hi, > > I just came across this: > "Also, specify -A md5 or -A password so that the default trust > authentication mode is not used;" > https://www.postgresql.org/docs/current/creating-cluster.html > <https://www.postgresql.org/docs/current/creating-cluster.html> > > Shouldn't we change that to "-A scram-sha-256" ? > > > Yes I think we absolutely should! +1 Proposed patch attached. This also removes "-A password" from that sentence as well. Jonathan
Attachment
>> Yes I think we absolutely should! >+1 >Proposed patch attached. This also removes "-A password" from that >sentence as well. You've been faster than me :) Looks good. Regards Daniel
On Tue, May 31, 2022 at 3:57 PM Jonathan S. Katz <jkatz@postgresql.org> wrote:
On 5/31/22 8:35 AM, Magnus Hagander wrote:
>
>
> On Tue, May 31, 2022 at 2:29 PM Daniel Westermann (DWE)
> <daniel.westermann@dbi-services.com
> <mailto:daniel.westermann@dbi-services.com>> wrote:
>
> Hi,
>
> I just came across this:
> "Also, specify -A md5 or -A password so that the default trust
> authentication mode is not used;"
> https://www.postgresql.org/docs/current/creating-cluster.html
> <https://www.postgresql.org/docs/current/creating-cluster.html>
>
> Shouldn't we change that to "-A scram-sha-256" ?
>
>
> Yes I think we absolutely should!
+1
Proposed patch attached. This also removes "-A password" from that
sentence as well.
Applied and backpatched to 14. Thanks!