Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
| От | Stephen Frost |
|---|---|
| Тема | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords |
| Дата | |
| Msg-id | 20050422194735.GP29028@ns.snowman.net обсуждение исходный текст |
| Ответ на | Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords (Eliot Simcoe <esimcoe@mac.com>) |
| Список | pgsql-hackers |
* Eliot Simcoe (esimcoe@mac.com) wrote: > On Apr 21, 2005, at 8:59 PM, Stephen Frost wrote: > >The intention of the 'md5' method in pg_hba.conf is to avoid having > >the > >password go over the network in the clear, yes. Unfortunately, this > >pretty much requires that the database have something which is > >password-equivilant stored on disk. > > Wouldn't it be possible for postgres to rehash the md5 checksum of the > password before storing it in pg_shadow? This seems preferable if not > optimal. > Does anyone know why this is not being done? Well, let's consider what's happening with that: server- user added 'with encrypted password' server- generate random salt server- perform md5(md5(password+username)+salt) into hash server- store hash and salt in pg_shadow client- contact server server- randomly generate challenge server- send challenge to client client- perform md5(md5(password+username)+challenge) into response client- send response to server server- retrive hash and salt from pg_shadow server- perform md5(hash+salt) into expected server- compare response from client to expected server- nope, they don't match... Whoops, that doesn't work, trying to compare: md5(md5(password+username)+challenge) to md5(md5(password+username)+salt) Challenge and salt aren't the same, nor should they be (if they were then they'd have to be constant and you would have to send it over the wire). If I missed something in this, please let me know. Stephen
В списке pgsql-hackers по дате отправления: