Re: Open 7.3 items

> OK, how do secondary passwords work in pg_hba.conf.  It requires
> clear-text 'password', right, because the password is already crypt-ed
> in the file.

I presume that you're referring to passwords being transmitted clear text?  

> One idea I had was to look for a colon in the username, and if I see
> one, I assume everything after the colon is a password.  
> Would that work
> for you?

It would as long as there was an assumption (or method to specify) that the
stuff after the colon is a crypt()ed password.  Our method to generate the
password file is to 'ypcat passwd > /db/etc/password; cat
/db/etc/pg-only-passwords >> /db/etc/password'.  We could very easily only
pull only the fields we care about from our yp passwd file.

I suppose I should also mention that we're not wedded to this method-- we've
just found it convenient.  If we needed to script something else up to
connect to the databases and set passwords, we could do that too, it would
just be a bit more work.

-ron