RE: ODBC and crypted passwords

Thats why I said its for the future :-)

I always use crypt if it's going outside the server, so some form of
encrypted transport is required. Anyhow, the main reason I mentioned
PAM, is that not every platform would have a password file (NT for
example, although you can configure one in cygwin).

Peter

-- 
Peter Mount
Enterprise Support
Maidstone Borough Council
Any views stated are my own, and not those of Maidstone Borough Council.



-----Original Message-----
From: Hannu Krosing [mailto:hannu@tm.ee]
Sent: Wednesday, April 12, 2000 10:47 AM
To: Peter Mount
Cc: 'Henk van Lingen'; pgsql-interfaces@postgresql.org
Subject: Re: [INTERFACES] ODBC and crypted passwords


Peter Mount wrote:
> 
> One thing that may be useful, is not to check against the unix
password
> file, but to use PAM. That way, you could even authenticate against
the
> dreadded NT accounts, unix password file, dbm file etc...
> 
> Anyhow, this is something to think about for the future ;-)

IMHO this defeats the purpose of crypt - not to send plaintext passwords

over the net.

OTOH, it could be done over a secure (SSL/TLS) channel of course.

-----------
Hannu