Re: Security with V9.3.3 standby servers

On Feb 26, 2015, at 9:15 AM, John Scalia <jayknowsunix@gmail.com> wrote:
>
> An edict has been handed down here from on high that no script shall ever contain any password in cleartext for any
reason.Well this is problem with a streaming replication standby server's recovery.conf file as the line
primary_conninfo= contains said replication user's password for that connection. Is there any sort of plan to allow
thisto be md5 or some such encoded? Or what else could I do in this case? 

I have replica standbys that are firewalled from the primary. The primary establishes a reverse SSH tunnel to the
replica,then the replica is configured as for a local connection on-server at the primary, just using UNIX identity. 

--
Scott Ribe
scott_ribe@elevated-dev.com
http://www.elevated-dev.com/
(303) 722-0567 voice