> > Supporting md5 auth with pgpool is fundamentally impossible. > > > > 1) PostgreSQL send 32bit encryption salt to pgpool > > > > 2) pgpool forwards it to client > > > > 3) client encrypt password using the salt > > > > 4) pgpool forward the encrypted password to PostgreSQL > > > > Problem is, the salt in #1 is a random number and are > > differ among > > PostgreSQL servers. Using different salt produces different > > encrypted > > password in #3. Of course if you have only 1 PostgreSQL > > server, then > > you don't have the problem of course. But with only 1 > > PostgreSQL you > > cannot make master/slave or replication system:-) > > Thanks for that, I understand why it could never work now.
You are welcome. I hope someone someday comes up and tell me I am wrong:-) > Is it only the pgpool IP I have to set to trust, or do I have to open things > up and trust every client? Only pgpool IP. You can use "password" auth as well by the way. -- Tatsuo Ishii SRA OSS, Inc. Japan _______________________________________________ Pgpool-general mailing list Pgpool-general@pgfoundry.org http://pgfoundry.org/mailman/listinfo/pgpool-general
