Re: encrypt psql password in unix script

On 7/8/2015 11:34 AM, Suresh Raja wrote:
> I cannot use .pgpass as the password stored here is not encrypted.
>
> can i use a encrypted password from unix shell script.  has anybody
> ran into same situation. Wht options do i have.

I believe anywhere you enter a password in postgres, it can be the hash
instead.

but what security does that gain you?    if someone gets your
encrypted/hashed password, he can still log on.   the pgpass file has to
be permissions 700, so only YOU (and root) can read it.

if these are LOCAL connections to a pg server on the same machine, you
can use 'ident' as your authentication, where your unix user is used as
the postgres username.   or, you can use ssl certificates for
authentication, this is more complex to setup.


--
john r pierce, recycling bits in santa cruz