Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps
 (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <pgsql-pkg-yum-owner+archive@lists.postgresql.org>)
	id 1jbBgD-0000ld-5p
	for pgsql-pkg-yum@arkaria.postgresql.org; Tue, 19 May 2020 23:29:49 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.92)
	(envelope-from <pgsql-pkg-yum-owner+archive@lists.postgresql.org>)
	id 1jbBgB-00074e-6b
	for pgsql-pkg-yum@arkaria.postgresql.org; Tue, 19 May 2020 23:29:47 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <fedoraproject@cyberpear.com>)
	id 1jbBg9-00074W-CG
	for pgsql-pkg-yum@lists.postgresql.org; Tue, 19 May 2020 23:29:47 +0000
Received: from wout5-smtp.messagingengine.com ([64.147.123.21])
	by magus.postgresql.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <fedoraproject@cyberpear.com>)
	id 1jbBfz-00021V-Jd
	for pgsql-pkg-yum@lists.postgresql.org; Tue, 19 May 2020 23:29:44 +0000
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47])
	by mailout.west.internal (Postfix) with ESMTP id CB82A246;
	Tue, 19 May 2020 19:29:31 -0400 (EDT)
Received: from imap22 ([10.202.2.72])
  by compute7.internal (MEProxy); Tue, 19 May 2020 19:29:31 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cyberpear.com;
	 h=mime-version:message-id:in-reply-to:references:date:from:to
	:subject:content-type:content-transfer-encoding; s=fm3; bh=CoPyV
	cgCGTK3zVr8DZVghtFgc0f44cFYtn2zmSdRW6k=; b=5CEDoYJXYegYyzdUtrl48
	6oG1Shc/r9jGHIkZt0nym9LqzGGPnotE9ADXZwQJGXqZhJc+MFWGKs84d5RudR4Y
	L8+Exv64gThaM6igOkoCHuXYtc5jkeKnwsZTvHapCnBv8Us8J8d3S9gThY9QIggc
	QxkLYVAWIxemD2uMsgGxMbC25pQTpM+u6VgXqk68R0c9o4g75d80DVh/3TAoRv35
	b9CemiasOKemV5n8DaGiQvPploGAeCrehrzJL4SXBLoLyhZfLUKsAKdal76iJqob
	y6zyVivhhzIba1Cngs+WoYXypgaJcMqgL3MaF3M1o+3oh8ywQbrV4TZkde9Noyxm
	w==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=content-transfer-encoding:content-type
	:date:from:in-reply-to:message-id:mime-version:references
	:subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender
	:x-sasl-enc; s=fm2; bh=CoPyVcgCGTK3zVr8DZVghtFgc0f44cFYtn2zmSdRW
	6k=; b=4MgRrGYAFeZajWNCbiN0vLKIhum24fByELDcXA7kuKKAuave6qoRwqNF8
	D1hQQKhn6ThSBFlxBKIgXp6WWOMuJiNgh1D2G7uDSklIfCOaqMs5c7L9hm3SoQx5
	C9dwtIpLD+6qZWNLfCboqzWtV6LHDXhYOu4zkAwFffBNsPxZVGjNHx945EwF0CJQ
	THKE0UFtm71C3iWt0+fVwtYY9CslpxuaPcpszv/0g1u3g3eeFmQ3XMnrV6cN5HG3
	iyV/T3JR3zN1Xvm5juEkgd1QoLEZY7pRkkS0Ngprzs7DleTWqyFbZQpvAIvM3jtW
	HQvl1D29uAZtFf/SFfiLD36mr5sqA==
X-ME-Sender: <xms:2mvEXv_lBwhQSnsW6h1ymQnc_hUrndXWbGU9xg5FQ6ozyI6NHu323g>
X-ME-Proxy-Cause: 
 gggruggvucftvghtrhhoucdtuddrgeduhedruddtkedgvdduucetufdoteggodetrfdotf
    fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
    uceurghilhhouhhtmecufedttdenucenucfjughrpefofgggkfgjfhffhffvufgtgfesth
    hqredtreerjeenucfhrhhomhepfdflrghmvghsucevrghsshgvlhhlfdcuoehfvgguohhr
    rghprhhojhgvtghtsegthigsvghrphgvrghrrdgtohhmqeenucggtffrrghtthgvrhhnpe
    dtteegteeuieeiueetffetjeehgfekjeevuefhffdtveefudetfeevgfekleelfeenucff
    ohhmrghinhepghhithhhuhgsrdgtohhmnecuvehluhhsthgvrhfuihiivgeptdenucfrrg
    hrrghmpehmrghilhhfrhhomhepfhgvughorhgrphhrohhjvggtthestgihsggvrhhpvggr
    rhdrtghomh
X-ME-Proxy: <xmx:2mvEXrsjCvW98e3iPPVt0MW1lHTQK_8nk7TrLCoT-Ich-sFs7CMpUw>
    <xmx:2mvEXtCQL4Oggflfik1ISQ-rh6zblDqVnWPAGYXhnHo7BkLb15iZMw>
    <xmx:2mvEXrf0_ru7i9rGwQ4fMgo_GayPDH_CwpZHVfH2Yjs-mBGKGd6iVQ>
    <xmx:22vEXqZxCRyq2ZlHpTQGBcvCaLWUOzpfQOCzjQcJ5UpaDqm0yf0esg>
Received: by mailuser.nyi.internal (Postfix, from userid 501)
	id C93F96680073; Tue, 19 May 2020 19:29:30 -0400 (EDT)
X-Mailer: MessagingEngine.com Webmail Interface
User-Agent: Cyrus-JMAP/3.3.0-dev0-464-g810d66a-fmstable-20200518v1
Mime-Version: 1.0
Message-Id: <591d44bc-54f9-4db2-bb54-2ad988fe1d52@www.fastmail.com>
In-Reply-To: <6089d4c8e262dd6fe8a6510c283e674543a24b5c.camel@gunduz.org>
References: 
 <CAMsr+YFCuBGWh4=aM-K2LCsBEwcrqm=pphKKHEH09vHwXcspow@mail.gmail.com>
 <7761d006b5ace13a4d86ce489123e5004aaf8b6c.camel@gunduz.org>
 <20200519212710.GQ13712@tamriel.snowman.net>
 <6089d4c8e262dd6fe8a6510c283e674543a24b5c.camel@gunduz.org>
Date: Tue, 19 May 2020 19:29:09 -0400
From: "James Cassell" <fedoraproject@cyberpear.com>
To: "PostgreSQL Yum Package List" <pgsql-pkg-yum@lists.postgresql.org>
Subject: Re: Can we stop defaulting to 'ident'?
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-pkg-yum.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-pkg-yum@lists.postgresql.org>
List-Owner: <mailto:pgsql-pkg-yum-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-pkg-yum>
Precedence: bulk

On Tue, May 19, 2020, at 6:26 PM, Devrim G=C3=BCnd=C3=BCz wrote:
>=20
> Hi,
>=20
> On Tue, 2020-05-19 at 17:27 -0400, Stephen Frost wrote:
>=20
> > +1 to scram-sha-256 for the default for host-based/TCP connections.=20=

> > For local, we should be using peer, just like Debian's default has
> > been for ages.
>=20
> YEah, this is what I committed just now. Still, would love to hear fro=
m
> others if there are any objections.
>=20
> I used --pwfile=3D/dev/zero during initdb.
>=20

I'm still using ident authentication quite successfully on Fedora and RH=
EL. (authd package)

Here's my trivial config, just tested on Fedora 32 (tested using the sto=
ck, not PGDG packages, but same concept applies): https://github.com/jam=
escassell/ansible-role-postgresql/blob/master/tasks/main.yml


V/r,
James Cassell