Euler Taveira wrote:
> On 21-02-2014 09:49, firoz e v wrote:
> > Even though, there are ways to set the permissions on .pgpass, to disallow 
> > any access to world or group, the security rules of many organizations 
> > disallow to hold any kind of passwords, as plain text.
> > 
> Is your goal hiding the password in .pgpass? You could add support to
> accept md5... storage format as password.

How would that work?  libpq needs the straight password to send to the
server, not an encrypted one.  If you were to have a mechanism by which
libpq can store an md5'd password (or whatever hash) and send that md5
to the server and have the server accept it to grant a connection, then
the md5 has, in effect, become the unencrypted password which others can
capture from the file, and you're back at square one.

You could instead try to have an authentication agent that stores an
encrypted password or certificate and asks the user to supply the key to
decrypt it when trying to establish a connection; but that would force
you to require user intervention, which in many cases you don't want.

If there's policy that disallows storage of plain-text passwords, your
only choice appears to be not to use .pgpass in the first place.

Álvaro Herrera      
PostgreSQL Development, 24x7 Support, Training & Services

Sent via pgsql-hackers mailing list (
To make changes to your subscription:

Reply via email to