public inbox for [email protected]  
From: Stephen Frost <[email protected]>
To: Peter Eisentraut <[email protected]>
Cc: Christoph Berg <[email protected]>
Cc: Devrim Gündüz <[email protected]>
Cc: Craig Ringer <[email protected]>
Cc: pgsql-pkg-yum <[email protected]>
Subject: Re: Can we stop defaulting to 'ident'?
Date: Wed, 20 May 2020 10:57:52 -0400
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <CAMsr+YFCuBGWh4=aM-K2LCsBEwcrqm=pphKKHEH09vHwXcspow@mail.gmail.com>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<[email protected]>
	<[email protected]>

Greetings,

* Peter Eisentraut ([email protected]) wrote:
> On 2020-05-20 15:40, Christoph Berg wrote:
> >Re: Peter Eisentraut
> >>The upstream default is still to use md5 passwords by default, and some
> >>deliberation has gone into that to keep it that way.  So it would make sense
> >>to have the RPMs also do that.  The Debian packages also still use md5.
> >>Some consistency across the board would be good.  Otherwise it will be very
> >>confusing for users if everyone just goes into their own direction.
> >
> >The upstream initdb default is still 'trust', but everyone agrees that
> >it's good that distributions are changing that to something more
> >secure, so we are already disconnected from the "true" default here.
> 
> Sorry, I should have been more clear.  The upstream default of the GUC
> parameter "password_encryption" is md5.

Which, really, is pretty broken when we're going to be having our
packagers setting up pg_hba.conf to use scram- at the *very* least it's
ridiculously misleading because we're going to have SCRAM in pg_hba.conf
but passwords actually stored as md5 and therefore we won't be getting
the benefits from SCRAM auth (though it should still work, of course,
since the SCRAM mode will fall back to working with an md5 password).

I don't recall a v13 discussion around if we should continue to have md5
as the default for *new* installations for password_encryption.

> It is understood that the default client authentication method can be
> changed downstream.

While this discussion has been about pg_hba.conf, we really should clean
it all up and encourage users, by setting sane defaults, to use SCRAM.

That necessarily includes setting SCRAM as the password_encryption
method.

Thanks,

Stephen
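An added SQL example, not part of the thread: it audits which login roles still carry md5 hashes (the situation the message describes, where pg_hba.conf asks for SCRAM but password_encryption left the verifiers as md5) and shows the setting change that makes newly set passwords SCRAM. A scram-sha-256 entry in pg_hba.conf can only authenticate roles whose stored verifier is SCRAM, so any role the query lists as md5 needs its password re-set. Role name and password below are placeholders; reading pg_authid requires superuser.

```sql
-- Audit: which login roles still have md5 verifiers (PostgreSQL 10+).
-- md5 hashes are stored as 'md5' + 32 hex chars; SCRAM verifiers start
-- with 'SCRAM-SHA-256$'.
SELECT rolname,
       CASE
         WHEN rolpassword IS NULL                THEN 'no password'
         WHEN rolpassword LIKE 'md5%'            THEN 'md5'
         WHEN rolpassword LIKE 'SCRAM-SHA-256$%' THEN 'scram-sha-256'
         ELSE 'other'
       END AS stored_format
FROM pg_authid
WHERE rolcanlogin
ORDER BY rolname;

-- Cluster-wide default: store future passwords as SCRAM verifiers.
-- This does not rewrite existing md5 hashes; each such role must have
-- its password set again after the change.
ALTER SYSTEM SET password_encryption = 'scram-sha-256';
SELECT pg_reload_conf();

-- Re-set one role's password under the new setting (placeholder values).
-- The session-level SET makes the result SCRAM even before the reload.
SET password_encryption = 'scram-sha-256';
ALTER ROLE app_user PASSWORD 'replace-me';

-- Re-run the audit; app_user should now report 'scram-sha-256'.
-- Matching pg_hba.conf line (outside SQL, shown for reference):
--   host  all  all  127.0.0.1/32  scram-sha-256
```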

