Euler Taveira wrote:
> On 21-02-2014 09:49, firoz e v wrote:
> > Even though there are ways to set the permissions on .pgpass to disallow
> > any access to world or group, the security rules of many organizations
> > disallow holding any kind of password as plain text.
> > 
> Is your goal hiding the password in .pgpass? You could add support to
> accept md5... storage format as password.

How would that work?  libpq needs the straight password to send to the
server, not an encrypted one.  If you were to have a mechanism by which
libpq can store an md5'd password (or whatever hash) and send that md5
to the server and have the server accept it to grant a connection, then
the md5 has, in effect, become the unencrypted password which others can
capture from the file, and you're back at square one.

You could instead try to have an authentication agent that stores an
encrypted password or certificate and asks the user to supply the key to
decrypt it when trying to establish a connection; but that would force
you to require user intervention, which in many cases you don't want.

If there's policy that disallows storage of plain-text passwords, your
only choice appears to be not to use .pgpass in the first place.

-- 
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
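The argument above, as an added worked example that is not part of the thread or of PostgreSQL's own code: it parses a constructed .pgpass line, applies libpq's file-permission rule, and then reproduces PostgreSQL's MD5 password authentication to show that a client holding only the stored `md5...` form of the password can answer the server's challenge exactly as a client holding the plaintext would. The hostname, user and password in `SAMPLE_PGPASS` and the fixed 4-byte salt are constructed for the demonstration; the hashing steps follow PostgreSQL's MD5 scheme (stored form `md5` + hex(md5(password || username)), response `md5` + hex(md5(stored_hex || salt))).

```python
import hashlib
import hmac
import os
import stat
import tempfile

# Constructed sample .pgpass line (hypothetical host and credential, not real data).
# Format: hostname:port:database:username:password, with ':' and '\' escaped as '\:' and '\\'.
SAMPLE_PGPASS = "db.example.internal:5432:*:alice:s3cr3t\\:pass\n"


def parse_pgpass_line(line):
    """Split one .pgpass line into its five fields, honouring the \\: and \\\\ escapes."""
    fields, cur, i = [], [], 0
    line = line.rstrip("\n")
    while i < len(line):
        ch = line[i]
        if ch == "\\" and i + 1 < len(line):      # escaped character: take it literally
            cur.append(line[i + 1])
            i += 2
            continue
        if ch == ":" and len(fields) < 4:         # field separator; the password is the remainder
            fields.append("".join(cur))
            cur = []
            i += 1
            continue
        cur.append(ch)
        i += 1
    fields.append("".join(cur))
    if len(fields) != 5:
        raise ValueError("malformed .pgpass line")
    return dict(zip(("host", "port", "database", "user", "password"), fields))


def pgpass_mode_ok(path):
    """libpq's rule: the file is used only if group and world have no permission bits at all."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def write_pgpass_with_mode(mode):
    """Write the sample file with the given mode and report whether libpq would accept it."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "w") as f:
        f.write(SAMPLE_PGPASS)
    os.chmod(path, mode)
    try:
        return pgpass_mode_ok(path)
    finally:
        os.unlink(path)


# --- PostgreSQL MD5 password authentication (the "md5..." storage format) ---

def md5_stored_form(user, password):
    """What pg_authid holds for an md5 password: 'md5' + hex(md5(password || username))."""
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()


def md5_auth_response(stored, salt):
    """What the client sends back: 'md5' + hex(md5(stored_hex || 4-byte salt))."""
    return "md5" + hashlib.md5(stored[3:].encode() + salt).hexdigest()


def client_response_from_password(user, password, salt):
    """A normal libpq client: plaintext password -> stored form -> challenge response."""
    return md5_auth_response(md5_stored_form(user, password), salt)


def client_response_from_hash(stored, salt):
    """Someone who only read the md5 form from a file: skips the first step and still answers."""
    return md5_auth_response(stored, salt)


def server_accepts(stored, salt, response):
    """Server side: recompute the expected response from the stored hash and compare."""
    return hmac.compare_digest(md5_auth_response(stored, salt), response)


def demo():
    entry = parse_pgpass_line(SAMPLE_PGPASS)
    stored = md5_stored_form(entry["user"], entry["password"])
    salt = b"\x01\x02\x03\x04"    # constructed; a real server sends a fresh random salt per connection
    honest = client_response_from_password(entry["user"], entry["password"], salt)
    from_hash = client_response_from_hash(stored, salt)
    wrong = client_response_from_password(entry["user"], "guess", salt)
    return {
        "password_accepted": server_accepts(stored, salt, honest),
        "hash_only_accepted": server_accepts(stored, salt, from_hash),
        "wrong_password_accepted": server_accepts(stored, salt, wrong),
    }


if __name__ == "__main__":
    print(demo())
```

`hash_only_accepted` comes out True: whoever can read the stored `md5...` string can log in without ever knowing the plaintext, which is why writing that form into .pgpass would only relabel the secret rather than protect it. The permission check is the one mitigation the file format itself offers, and it is a bit test on the mode, not a check of who actually has access to the path.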