Re: pgAdmin III 1.6.2 sends plaintext password

Greetings List!

I'm trying get remote management of postrgesql on Ubuntu 5.10 set up.

I am hoping to set up authentication in pg_hba.conf as

host all all 192.168.0.0/0 md5

but I wasn't successful. When I relaxed it to:

host all all 192.168.0.0/0 password

everything worked fine.

Can someone let me know how to configure pgAdmin so that it sends the
password md5 encrypted?

Thanks,

Patrick Smith
http://www.openengagement.com

--
View this message in context: http://www.nabble.com/pgAdmin-III-1.6.2-sends-plaintext-password-tf3235755.html#a8992548
Sent from the PostgreSQL - pgadmin support mailing list archive at Nabble.com.

patrimith wrote:
> Greetings List!
>
> I'm trying get remote management of postrgesql on Ubuntu 5.10 set up.
>
> I am hoping to set up authentication in pg_hba.conf as
>
> host all all 192.168.0.0/0 md5
>
> but I wasn't successful. When I relaxed it to:
>
> host all all 192.168.0.0/0 password
>
> everything worked fine.
>
> Can someone let me know how to configure pgAdmin so that it sends the
> password md5 encrypted?
>
> Thanks,
>
> Patrick Smith
> http://www.openengagement.com
>
>

I currently talk to a PostgreSQL 8.2.3 server using PgAdmin 1.6.2 with
MD5 encrypted passwords just fine.
What is the value of "password_encryption" in your PostgreSQL server's
postgresql.conf file?

[root(at)byron ~]# cat /endeavour/dbstore/postgresql.conf|grep
'password_encryption'
password_encryption = on
[root(at)byron ~]#

Try setting it to 'on' and restarting your server.

Regards,

Andy.

Andy Shellam (Mailing Lists) wrote:
>
> What is the value of "password_encryption" in your PostgreSQL server's
> postgresql.conf file?
>
> [root(at)byron ~]# cat /endeavour/dbstore/postgresql.conf|grep
> 'password_encryption'
> password_encryption = on
> [root(at)byron ~]#
>

That's the value in my PostgreSQL server's postgresql.conf.

Are you saying that pgAdmin knows the password_encryption setting for the
server?

I'd like to be able to connect using both plaintext and md5-encrypted
passwords to the same server depending on the environment in which the
client lives.

--
View this message in context: http://www.nabble.com/pgAdmin-III-1.6.2-sends-plaintext-password-tf3235755.html#a8994189
Sent from the PostgreSQL - pgadmin support mailing list archive at Nabble.com.

patrimith wrote:
> Andy Shellam (Mailing Lists) wrote:
>
>> What is the value of "password_encryption" in your PostgreSQL server's
>> postgresql.conf file?
>>
>> [root(at)byron ~]# cat /endeavour/dbstore/postgresql.conf|grep
>> 'password_encryption'
>> password_encryption = on
>> [root(at)byron ~]#
>>
>>
>
> That's the value in my PostgreSQL server's postgresql.conf.
>
> Are you saying that pgAdmin knows the password_encryption setting for the
> server?
>

I'm not sure, but I'd hazard a guess it's the underlying libpq library
that during the handshake works out which authentication scheme to use.
How was your user created? When you add a new login role, it stores the
encrypted password in the login profile:

CREATE ROLE test LOGIN ENCRYPTED PASSWORD
'md505a671c66aefea124cc08b76ea6d30bb'
NOINHERIT
VALID UNTIL 'infinity';

If the value of password_encryption was set to off when the user was
created, I'd guess it would create it with a plain-text password (not
100% sure.)

> I'd like to be able to connect using both plaintext and md5-encrypted
> passwords to the same server depending on the environment in which the
> client lives.
>

Create a different line in pg_hba.conf for each host environment
(network IP range), using the relevant "password" or "md5" keyword.

Andy.