hardcode password in connect string

Is setting it as an environment variable an option? https://www.postgresql.org/docs/9.1/static/libpq-envars.html

Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq-pgservice.html

Jim

On April 13, 2018 2:43:01 PM EDT, David Gauthier <davegauthierpg@gmail.com> wrote:

Hi:

PG v9.5.2 on RHEL

I like to use an alias to connect to my favorite DBs but don't like to
enter passwords. I used to just disable passwords (working behind a
firewall), but this one is different. I see nothing in the interactive
connect string where I can enter the password...

psql -h thehost -U memyselfi mydb

Missing something like "-p mypassword"

Is there a way I can stick the pw in the linux alias definition ?

Just thinking something like this may be available since hardcoded
passwords are supported in perl/dbi, pg driver

Thanks !

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

On 04/13/2018 12:46 PM, James Keener wrote:

Is setting it as an environment variable an option?
https://www.postgresql.org/docs/9.1/static/libpq-envars.html

Alternatively, a service file?
https://www.postgresql.org/docs/9.0/static/libpq-pgservice.html

Jim

On April 13, 2018 2:43:01 PM EDT, David Gauthier
<davegauthierpg@gmail.com> wrote:

Hi:

PG v9.5.2 on RHEL

I like to use an alias to connect to my favorite DBs but don't
like to enter passwords.  I used to just disable passwords
(working behind a firewall), but this one is different.  I see
nothing in the interactive connect string where I can enter the
password...

psql -h thehost -U memyselfi mydb

Missing something like "-p mypassword"

Is there a way I can stick the pw in the linux alias definition ?

Just thinking something like this may be available since hardcoded
passwords are supported in perl/dbi, pg driver

Thanks !

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

This is usually done in ~/.pgpass

PGPASSWORD env var works fine.
Thanks !

On Fri, Apr 13, 2018 at 2:46 PM, James Keener <jim@jimkeener.com> wrote:

Hello David,
I think so, the parameter you need in psql command is -w mipassword.
But, you have to understand that use this form or set PGPASSWORD aren't safer.
Exist a file (pg_hba.conf) for this process ir task.
Regards

Obtener Outlook para Android<https://aka.ms/ghei36&gt;

________________________________
From: David Gauthier <davegauthierpg@gmail.com>
Sent: Friday, April 13, 2018 3:51:33 PM
To: James Keener
Cc: pgsql-generallists.postgresql.org
Subject: Re: hardcode password in connect string

PGPASSWORD env var works fine.
Thanks !

On Fri, Apr 13, 2018 at 2:46 PM, James Keener <jim@jimkeener.com<mailto:jim@jimkeener.com>> wrote:
Is setting it as an environment variable an option? https://www.postgresql.org/docs/9.1/static/libpq-envars.html

Alternatively, a service file? https://www.postgresql.org/docs/9.0/static/libpq-pgservice.html

Jim

On April 13, 2018 2:43:01 PM EDT, David Gauthier <davegauthierpg@gmail.com<mailto:davegauthierpg@gmail.com>> wrote:
Hi:

PG v9.5.2 on RHEL

I like to use an alias to connect to my favorite DBs but don't like to enter passwords. I used to just disable passwords (working behind a firewall), but this one is different. I see nothing in the interactive connect string where I can enter the password...

psql -h thehost -U memyselfi mydb

Missing something like "-p mypassword"

Is there a way I can stick the pw in the linux alias definition ?

Just thinking something like this may be available since hardcoded passwords are supported in perl/dbi, pg driver

Thanks !

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.

On 15/04/18 12:35, Ricardo Martin Gomez wrote:

Hello David,
I think so, the parameter you need in psql command is -w mipassword.

Sorry, this is not correct. -w causes psql *never* to prompt for a
password, and -W forces a password prompt. Neither allows the password
to be passed as an argument - I don't think that this is possible with psql.

Details here:

https://www.postgresql.org/docs/10/static/app-psql.html

Ray.

--
Raymond O'Donnell :: Galway :: Ireland
rod@iol.ie

2018-04-15 17:16 GMT+02:00 Raymond O'Donnell <rod@iol.ie>:

On 15/04/18 12:35, Ricardo Martin Gomez wrote:

Hello David,
I think so, the parameter you need in psql command is -w mipassword.

Sorry, this is not correct. -w causes psql *never* to prompt for a
password, and -W forces a password prompt. Neither allows the password to
be passed as an argument - I don't think that this is possible with psql.

You're right, that's not possible (as an argument). And it is a security
*feature*.

Details here:

https://www.postgresql.org/docs/10/static/app-psql.html

Ray.

--
Guillaume.

El 15/04/18 a las 12:16, Raymond O'Donnell escribi�:

On 15/04/18 12:35, Ricardo Martin Gomez wrote:

Hello David,
I think so, the parameter you need in psql command is -w mipassword.

Sorry, this is not correct. -w causes psql *never* to prompt for a
password, and -W forces a password prompt. Neither allows the password
to be passed as an argument - I don't think that this is possible with
psql.

It is possible, you just have to construct the whole string:

psql "host=thehost dbname=mydatabase user=memyselfi password=mypassword"

Still, the best option, and the most secure, is to use a .pgpass file.
The psql invocation with it's password will very likely end in
.bash_history and alike.

Regards,

--
Mart�n Marqu�s http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services