Lists: | pgadmin-support |
---|
From: | patrimith <paddysmith(at)gmail(dot)com> |
---|---|
To: | pgadmin-support(at)postgresql(dot)org |
Subject: | pgAdmin III 1.6.2 sends plaintext password |
Date: | 2007-02-15 19:57:14 |
Message-ID: | 8992548.post@talk.nabble.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgadmin-support |
Greetings List!
I'm trying get remote management of postrgesql on Ubuntu 5.10 set up.
I am hoping to set up authentication in pg_hba.conf as
host all all 192.168.0.0/0 md5
but I wasn't successful. When I relaxed it to:
host all all 192.168.0.0/0 password
everything worked fine.
Can someone let me know how to configure pgAdmin so that it sends the
password md5 encrypted?
Thanks,
Patrick Smith
http://www.openengagement.com
--
View this message in context: http://www.nabble.com/pgAdmin-III-1.6.2-sends-plaintext-password-tf3235755.html#a8992548
Sent from the PostgreSQL - pgadmin support mailing list archive at Nabble.com.
From: | "Andy Shellam (Mailing Lists)" <andy(dot)shellam-lists(at)mailnetwork(dot)co(dot)uk> |
---|---|
To: | patrimith <paddysmith(at)gmail(dot)com> |
Cc: | pgadmin-support(at)postgresql(dot)org |
Subject: | Re: pgAdmin III 1.6.2 sends plaintext password |
Date: | 2007-02-15 21:20:38 |
Message-ID: | 45D4CEA6.8090002@mailnetwork.co.uk |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgadmin-support |
patrimith wrote:
> Greetings List!
>
> I'm trying get remote management of postrgesql on Ubuntu 5.10 set up.
>
> I am hoping to set up authentication in pg_hba.conf as
>
> host all all 192.168.0.0/0 md5
>
> but I wasn't successful. When I relaxed it to:
>
> host all all 192.168.0.0/0 password
>
> everything worked fine.
>
> Can someone let me know how to configure pgAdmin so that it sends the
> password md5 encrypted?
>
> Thanks,
>
> Patrick Smith
> http://www.openengagement.com
>
>
I currently talk to a PostgreSQL 8.2.3 server using PgAdmin 1.6.2 with
MD5 encrypted passwords just fine.
What is the value of "password_encryption" in your PostgreSQL server's
postgresql.conf file?
[root(at)byron ~]# cat /endeavour/dbstore/postgresql.conf|grep
'password_encryption'
password_encryption = on
[root(at)byron ~]#
Try setting it to 'on' and restarting your server.
Regards,
Andy.
From: | patrimith <paddysmith(at)gmail(dot)com> |
---|---|
To: | pgadmin-support(at)postgresql(dot)org |
Subject: | Re: pgAdmin III 1.6.2 sends plaintext password |
Date: | 2007-02-15 21:32:09 |
Message-ID: | 8994189.post@talk.nabble.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgadmin-support |
Andy Shellam (Mailing Lists) wrote:
>
> What is the value of "password_encryption" in your PostgreSQL server's
> postgresql.conf file?
>
> [root(at)byron ~]# cat /endeavour/dbstore/postgresql.conf|grep
> 'password_encryption'
> password_encryption = on
> [root(at)byron ~]#
>
That's the value in my PostgreSQL server's postgresql.conf.
Are you saying that pgAdmin knows the password_encryption setting for the
server?
I'd like to be able to connect using both plaintext and md5-encrypted
passwords to the same server depending on the environment in which the
client lives.
--
View this message in context: http://www.nabble.com/pgAdmin-III-1.6.2-sends-plaintext-password-tf3235755.html#a8994189
Sent from the PostgreSQL - pgadmin support mailing list archive at Nabble.com.
From: | "Andy Shellam (Mailing Lists)" <andy(dot)shellam-lists(at)mailnetwork(dot)co(dot)uk> |
---|---|
To: | patrimith <paddysmith(at)gmail(dot)com> |
Cc: | pgadmin-support(at)postgresql(dot)org |
Subject: | Re: pgAdmin III 1.6.2 sends plaintext password |
Date: | 2007-02-15 21:39:55 |
Message-ID: | 45D4D32B.5090105@mailnetwork.co.uk |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgadmin-support |
patrimith wrote:
> Andy Shellam (Mailing Lists) wrote:
>
>> What is the value of "password_encryption" in your PostgreSQL server's
>> postgresql.conf file?
>>
>> [root(at)byron ~]# cat /endeavour/dbstore/postgresql.conf|grep
>> 'password_encryption'
>> password_encryption = on
>> [root(at)byron ~]#
>>
>>
>
> That's the value in my PostgreSQL server's postgresql.conf.
>
> Are you saying that pgAdmin knows the password_encryption setting for the
> server?
>
I'm not sure, but I'd hazard a guess it's the underlying libpq library
that during the handshake works out which authentication scheme to use.
How was your user created? When you add a new login role, it stores the
encrypted password in the login profile:
CREATE ROLE test LOGIN ENCRYPTED PASSWORD
'md505a671c66aefea124cc08b76ea6d30bb'
NOINHERIT
VALID UNTIL 'infinity';
If the value of password_encryption was set to off when the user was
created, I'd guess it would create it with a plain-text password (not
100% sure.)
> I'd like to be able to connect using both plaintext and md5-encrypted
> passwords to the same server depending on the environment in which the
> client lives.
>
Create a different line in pg_hba.conf for each host environment
(network IP range), using the relevant "password" or "md5" keyword.
Andy.