From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Peter Eisentraut <peter_e(at)gmx(dot)net>, Dave Page <dpage(at)pgadmin(dot)org>, Marko Kreen <markokr(at)gmail(dot)com>, Albe Laurenz <laurenz(dot)albe(at)wien(dot)gv(dot)at>, Andrew Dunstan <andrew(at)dunslane(dot)net>, mlortiz <mlortiz(at)uci(dot)cu>, Magnus Hagander <magnus(at)hagander(dot)net>, pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Rejecting weak passwords |
Date: | 2009-10-14 22:44:47 |
Message-ID: | 20091014224447.GB17756@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> > Well, you would lose anyway if the DBA switches the pg_hba.conf setting
> > from md5 to password without telling you.
>
> True :-(. Anybody for a zero-knowledge protocol?
>
> (Realistically, non-password-based auth methods are the only real
> solution here, I fear. We should probably be doing more to encourage
> people to use SSL-cert-based authentication in low-trust situations.)
Or GSSAPI.. Helping users understand how they can leverage their
existing Kerberos or MS SSPI single-sign-on infrastructures to securely
access PG would go a long way to reducing the password-based usage out
there, imo. Of course, it'd be nice if we supported GSSAPI encrypted
transport too. Separating the encryption into SSL is less than ideal.
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Simon Riggs | 2009-10-14 22:48:23 | Re: What does this configure warning mean? |
Previous Message | Tom Lane | 2009-10-14 22:37:32 | Re: What does this configure warning mean? |