Re: You're on SecurityFocus.com for the cleartext passwords.

> > Now, I we want to move all the stuff to use MD5 rather than the standard
> > unix password crypt, that is another option, though I am not sure what
> > value it would have.
> > 
> > 
> 
> How about ODBC?  This is from the ODBC driver source connection.c:
>                                 
>      self->errormsg = "Password crypt authentication not supported";
> 
> Is that because of the platform it's running on or what it's talking
> to?

Seems we don't have crypt support, so you can't send crypt passwords
from an ODBC client.  That is news to me.

From looking there, and looking at pg_hba.conf, we have both 'password'
and 'crypt' authentication in there.  

However, this is not a problem because we can still do backend-only
crypting when comparing client-sent cleartext passwords to pg_shadow
passwords.


--  Bruce Momjian                        |  http://www.op.net/~candle pgman@candle.pha.pa.us               |  (610)
853-3000+  If your life is a hard drive,     |  830 Blythe Avenue +  Christ can be your backup.        |  Drexel Hill,
Pennsylvania19026