Re: initdb recommendations

On 2019-04-05 18:11, Jonathan S. Katz wrote:
> +    <para>
> +      We recommend using the <option>-W</option>, <option>--pwprompt</option>,
> +      or <option>--pwfile</option> flags to assign a password to the database
> +      superuser, and to override the <filename>pg_hba.conf</filename> default
> +      generation using <option>-auth-local peer</option> for local connections,
> +      and <option>-auth-host scram-sha-256</option> for remote connections. See
> +      <xref linkend="client-authentication"/> for more information on client
> +      authentication methods.
> +    </para>

As discussed on hackers, we are not ready to support scram-sha-256 out
of the box.  So this advice, or any similar advice elsewhere, would need
to recommend "md5" as the setting --- which would probably be embarrassing.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services