> OK, how do secondary passwords work in pg_hba.conf. It requires > clear-text 'password', right, because the password is already crypt-ed > in the file.
I presume that you're referring to passwords being transmitted clear text? > One idea I had was to look for a colon in the username, and if I see > one, I assume everything after the colon is a password. > Would that work > for you? It would as long as there was an assumption (or method to specify) that the stuff after the colon is a crypt()ed password. Our method to generate the password file is to 'ypcat passwd > /db/etc/password; cat /db/etc/pg-only-passwords >> /db/etc/password'. We could very easily only pull only the fields we care about from our yp passwd file. I suppose I should also mention that we're not wedded to this method-- we've just found it convenient. If we needed to script something else up to connect to the databases and set passwords, we could do that too, it would just be a bit more work. -ron ---------------------------(end of broadcast)--------------------------- TIP 5: Have you checked our extensive FAQ? http://www.postgresql.org/users-lounge/docs/faq.html
