Re: forcing postgresql 7.3 to use crypt passwords

On Wed, 2003-12-31 at 12:20, Tom Lane wrote:
> Kenny Drobnack <kenny@jumpline.com> writes:
> > We currently have multiple databases running different versions of
> > postgresql ranging from version 7.1 to 7.3. When we create users in 7.3
> > databases, it encrypts their passwords with md5, which is not supported
> > in 7.1. Is there some way to force postgresql 7.3 to use the old crypt
> > encryption for passwords when creating users?
>
> AFAIR the previous approach was not to encrypt passwords at all in
> pg_shadow.  You can still do that with ALTER USER ... UNENCRYPTED PASSWORD
> (also there's a setting to make this the default behavior).
>
>             regards, tom lane

Thanks! I got it figured out. I add "password_encryption = false" to
postgresql.conf and did ALTER USER ... PASSWORD on all the users. Then,
found some docs that said the crypt encryption option only encrypts
passwords going across network connections, not in the database. So I've
set that as the authorization method in pg_hba.conf. So we've got
passwords encrypted everywhere except in pg_shadow. It'll due till we
get everything upgraded to 7.3 or preferably 7.4.


--
Kenny