Re: MD5 password issue

Hi Tom,

Tom Lane schrieb:
> Andreas Wenk <a.wenk@netzmeister-st-pauli.de> writes:
>> In pg_hba.conf we have:
>
>> # TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD
>
>> # "local" is for Unix domain socket connections only
>> local   all         all                               ident sameuser
>
>> # IPv4 local connections:
>> host    all         all         127.0.0.1/32          md5
>> host    all         all         192.168.97.0/24       md5
>
>> Now the question: why is the user pgadmin able to connect to the database using pgAdmin
>> III from 192.168.97.30? That sould not be possible ... or am I wrong?
>
> Why shouldn't it be possible?  You've specifically allowed connections
> from that IP range.

Yes thats correct with the IP address range. Maybe I did not understand
the auth concept yet. I thought, that with METHOD set to md5, a md5
hashed password is required. The password is submitted with the PHP 5
pg_connect function - as plain text.

> (If you're wondering why he didn't have to type his password,
> it's likely because pgAdmin is getting it out of ~/.pgpass or
> some private settings file.)
>
 >             regards, tom lane

Also to Peter. It is like that - the pasword is stored in ~/.pgpass as
expected.

So maybe the better question is: what is the difference between METHOD
password and md5? As I assume now because of your answers, it has
nothing to do with either the password is md5 hashed or not?

Thanks to everybody!

cheers

Andy

--

St.Pauli - Hamburg - Germany

Andreas Wenk