Greetings, * Jeff Davis (pg...@j-davis.com) wrote: > On Sat, 2019-08-10 at 00:17 +0300, Heikki Linnakangas wrote: > > auth_methods = 'MITM, -password, -md5' > > Keep in mind this is client configuration, so something reasonable in > postgresql.conf might not be so reasonable in the form:
Yeah, that's a really good point. > postgresql://foo:secret@myhost/mydb?auth_methods=MITM%2C%20- > password%2C%20-md5 > > Another thing to consider is that there's less control configuring on > the client than on the server. The server will send at most one > authentication request based on its own rules, and all the client can > do is either answer it, or disconnect. And the SSL stuff all happens > before that, and won't use an authentication request message at all. Note that GSSAPI Encryption works the same as SSL in this regard. Thanks, Stephen
signature.asc
Description: PGP signature