Re: Storing the password in .pgpass file in an encrypted format
| From | Alvaro Herrera |
|---|---|
| Subject | Re: Storing the password in .pgpass file in an encrypted format |
| Date | |
| Msg-id | 20140221162000.GL4759@eldon.alvh.no-ip.org |
| In reply to | Re: Storing the password in .pgpass file in an encrypted format (Jeff Janes <jeff.janes@gmail.com>) |
| Responses | Re: Storing the password in .pgpass file in an encrypted format |
| List | pgsql-hackers |
Jeff Janes wrote:

> On Fri, Feb 21, 2014 at 7:04 AM, Alvaro Herrera <alvherre@2ndquadrant.com> wrote:
>
> > If you were to have a mechanism by which
> > libpq can store an md5'd password (or whatever hash) and send that md5
> > to the server and have the server accept it to grant a connection, then
> > the md5 has, in effect, become the unencrypted password which others can
> > capture from the file, and you're back at square one.
>
> The string in .pgpass would be enough for people to log into postgresql,
> true. But it would not work to log onto other things which share the same
> clear-text password but don't share the same salting mechanism.

That's true. Patches welcome to improve that. Maybe we can define that if
the stored password string starts with $1$md5$ and has just the right
length then it's an md5 hash rather than cleartext, or something like that.

I do fear that people are going to look at the file and say "hey, it's
encrypted [sic] so it's secure! I can share the file with the world!".

--
Álvaro Herrera http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
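The following is an added example, not code from the thread or from PostgreSQL itself. It illustrates the two points made above from a defender's side: a stored md5 value answers the server's challenge exactly as the cleartext would (Alvaro's "back at square one"), and libpq refuses a .pgpass file that is group- or world-accessible, so file mode, not the form of the password field, is what protects the entry. The `$1$md5$` prefix is the hypothetical marker Alvaro floats in the mail; libpq has no such marker today. The .pgpass content is constructed, and the md5 authentication arithmetic follows the documented PostgreSQL scheme (`md5` + hex(md5(password || user)) stored; `md5` + hex(md5(hex || 4-byte salt)) sent as the reply).

```python
import hashlib
import hmac
import stat

# Hypothetical marker from the mail, used here only to classify entries.
HASH_MARKER = "$1$md5$"

# Constructed sample .pgpass content (hostname:port:database:username:password).
# Backslashes escape ':' and '\' in a field, as libpq's parser expects.
SAMPLE_PGPASS = r"""
# hostname:port:database:username:password
localhost:5432:*:alice:s3cret
db.example.org:5432:reports:bob:$1$md5$0cc175b9c0f1b6a831c399e269772661
odd\:host:5432:*:carol:pa\\ss
"""

FIELDS = ("host", "port", "database", "user", "password")


def parse_pgpass_line(line):
    """Split one .pgpass line on ':' honouring backslash escapes.
    Returns None for blank lines, '#' comments and malformed lines."""
    line = line.rstrip("\n")
    if not line.strip() or line.lstrip().startswith("#"):
        return None
    fields, cur, i = [], [], 0
    while i < len(line):
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):
            cur.append(line[i + 1])   # escaped character taken literally
            i += 2
            continue
        if ch == ":":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    fields.append("".join(cur))
    if len(fields) != len(FIELDS):
        return None
    return dict(zip(FIELDS, fields))


def parse_pgpass(text):
    return [e for e in (parse_pgpass_line(l) for l in text.splitlines()) if e]


def classify_entries(entries):
    """user -> 'hash' if the field carries the hypothetical marker, else 'cleartext'."""
    return {e["user"]: ("hash" if e["password"].startswith(HASH_MARKER) else "cleartext")
            for e in entries}


def libpq_accepts_mode(mode):
    """libpq ignores .pgpass when any group or other permission bit is set,
    i.e. the file must be 0600 or stricter."""
    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def pg_md5_stored_form(password, user):
    """What the server keeps for md5 auth: 'md5' + hex(md5(password || user))."""
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()


def client_reply_from_stored_form(stored_form, salt):
    """Reply to the server's 4-byte salt computed from the stored form alone:
    'md5' + hex(md5(hex(md5(password || user)) || salt)). No cleartext needed."""
    return "md5" + hashlib.md5(stored_form[3:].encode() + salt).hexdigest()


def client_reply_from_cleartext(password, user, salt):
    """What a legitimate client holding the cleartext sends."""
    return client_reply_from_stored_form(pg_md5_stored_form(password, user), salt)


def server_accepts(stored_form, salt, client_reply):
    """Server-side check: recompute the expected reply from what it stores."""
    expected = "md5" + hashlib.md5(stored_form[3:].encode() + salt).hexdigest()
    return hmac.compare_digest(expected, client_reply)


if __name__ == "__main__":
    entries = parse_pgpass(SAMPLE_PGPASS)
    print(classify_entries(entries))
    salt = b"\x01\x02\x03\x04"          # constructed salt; the server picks a random one
    stored = pg_md5_stored_form("s3cret", "alice")
    print("cleartext holder accepted:", server_accepts(stored, salt, client_reply_from_cleartext("s3cret", "alice", salt)))
    print("hash-only holder accepted:", server_accepts(stored, salt, client_reply_from_stored_form(stored, salt)))
    print("0600 ok:", libpq_accepts_mode(0o600), " 0644 ok:", libpq_accepts_mode(0o644))
```

Both replies verify against the same stored value, which is why a hashed .pgpass entry must be treated with the same care as a cleartext one; Jeff's caveat still holds, since the stored form does not yield the cleartext for reuse against a service with a different salting scheme.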