Storing passwords

Started by Campano, Troy | over 23 years ago | 8 messages | general
#1 Campano, Troy
Troy.Campano@LibertyMutual.com

Is there a PostgreSQL function that allows you to store passwords, but it encrypts them?
If not, are there any recommendations for storing passwords?

thank you!

~ Troy Campano ~

#2 Christoph Dalitz
christoph.dalitz@hs-niederrhein.de
In reply to: Campano, Troy (#1)
Re: Storing passwords

Date: Fri, 27 Dec 2002 10:01:30 -0500
From: "Campano, Troy" <Troy.Campano@LibertyMutual.com>

Is there a PostgreSQL function that allows you to store passwords, but it encrypts them?
If not, are there any recommendations for storing passwords?

The easiest solution would be a stored procedure written in C that simply
calls the crypt() function (for details: "man crypt"). In that case you will
also need to store the "salt" with the encrypted password.

Even if you have not yet written any stored procedure, it should be done
in less than two hours. See the documentation on "server side programming" for details.

Hope this helps,

Christoph Dalitz

#3 Bruce Momjian
bruce@momjian.us
In reply to: Christoph Dalitz (#2)
Re: Storing passwords

Christoph Dalitz wrote:

Date: Fri, 27 Dec 2002 10:01:30 -0500
From: "Campano, Troy" <Troy.Campano@LibertyMutual.com>

Is there a PostgreSQL function that allows you to store passwords, but it encrypts them?
If not, are there any recommendations for storing passwords?

The easiest solution would be a stored procedure written in C that simply
calls the crypt() function (for details: "man crypt"). In that case you will
also need to store the "salt" with the encrypted password.

Even if you have not yet written any stored procedure, it should be done
in less than two hours. See the documentation on "server side programming" for details.

Also, see /contrib/pgcrypto for encryption routines.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

#4 Bruce Momjian
bruce@momjian.us
In reply to: Bruce Momjian (#3)
Re: Storing passwords

In fact, there is a PostgreSQL FAQ item about encryption.

---------------------------------------------------------------------------

Bruce Momjian wrote:

Christoph Dalitz wrote:

Date: Fri, 27 Dec 2002 10:01:30 -0500
From: "Campano, Troy" <Troy.Campano@LibertyMutual.com>

Is there a PostgreSQL function that allows you to store passwords, but it encrypts them?
If not, are there any recommendations for storing passwords?

The easiest solution would be a stored procedure written in C that simply
calls the crypt() function (for details: "man crypt"). In that case you will
also need to store the "salt" with the encrypted password.

Even if you have not yet written any stored procedure, it should be done
in less than two hours. See the documentation on "server side programming" for details.

Also, see /contrib/pgcrypto for encryption routines.

-- 
Bruce Momjian                        |  http://candle.pha.pa.us
pgman@candle.pha.pa.us               |  (610) 359-1001
+  If your life is a hard drive,     |  13 Roberts Road
+  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073
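
The crypt()-plus-salt approach from the replies above, using the crypt() and gen_salt() functions in contrib/pgcrypto. This is an added example, not code from the thread; it assumes PostgreSQL 9.5 or later with pgcrypto installable, and the table and function names are hypothetical.

```sql
-- Added example (not from the thread). Assumes PostgreSQL 9.5+ with pgcrypto.
-- app_account, set_password and check_password are hypothetical names.
CREATE EXTENSION IF NOT EXISTS pgcrypto;

CREATE TABLE app_account (
    login   text PRIMARY KEY,
    -- crypt() output carries the algorithm id, cost and salt in front of the
    -- hash, so the "salt stored with the encrypted password" is one column.
    pw_hash text NOT NULL
);

-- Set or change a password. gen_salt() draws a fresh random salt on every
-- call; 'bf' selects Blowfish-based crypt and 10 is its cost parameter.
CREATE FUNCTION set_password(p_login text, p_password text) RETURNS void
LANGUAGE sql AS $$
    INSERT INTO app_account (login, pw_hash)
    VALUES (p_login, crypt(p_password, gen_salt('bf', 10)))
    ON CONFLICT (login) DO UPDATE SET pw_hash = EXCLUDED.pw_hash;
$$;

-- Verify a login attempt. Passing the stored hash as the salt argument makes
-- crypt() reuse the stored algorithm, cost and salt, so equal passwords
-- reproduce the stored string. A missing login yields false, not NULL.
CREATE FUNCTION check_password(p_login text, p_password text) RETURNS boolean
LANGUAGE sql STABLE AS $$
    SELECT COALESCE(
        (SELECT pw_hash = crypt(p_password, pw_hash)
           FROM app_account
          WHERE login = p_login),
        false);
$$;

-- Constructed sample data: two accounts sharing one password.
SELECT set_password('alice', 'constructed-sample-passphrase');
SELECT set_password('bob',   'constructed-sample-passphrase');

-- The per-row salt makes the two stored strings differ.
SELECT login, pw_hash FROM app_account ORDER BY login;

-- Correct password, wrong password, unknown login.
SELECT check_password('alice',  'constructed-sample-passphrase');
SELECT check_password('alice',  'not-the-passphrase');
SELECT check_password('nobody', 'constructed-sample-passphrase');
```

The plaintext password still travels to the server inside the statement, so use an encrypted connection and check that statement logging does not capture these calls.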

#5 Noname
zurron@vesta.tmf.bg.ac.yu
In reply to: Bruce Momjian (#4)
question

OK, I want my database to be safe.
So why, if I put this command in the prompt as a regular user

zurron@gpsis:~$ /usr/local/pgsql/bin/psql -d colegio -U postgres

I get this:

Welcome to psql, the PostgreSQL interactive terminal.

Type: \copyright for distribution terms
\h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quit

colegio=#

and here I can do whatever I want.
What must I do to fix it?

colegio=# SELECT version();
version
---------------------------------------------------------------
PostgreSQL 7.2.1 on i686-pc-linux-gnu, compiled by GCC 2.95.3
(1 row)

and

test_ip=# select version();
version
---------------------------------------------------------------------------------------------------------
PostgreSQL 7.2.2 on i686-pc-linux-gnu, compiled by GCC gcc (GCC) 3.2
20020903 (Red Hat Linux 8.0 3.2-7)
(1 row)

test_ip=#

thanks.

Fabian

#6 Campano, Troy
Troy.Campano@LibertyMutual.com
In reply to: Noname (#5)
Re: question

Create a password for the postgresql user and use something like 'md5' for the authentication method in $PGDATA/pg_hba.conf.

thank you!

~ Troy Campano ~

-----Original Message-----
From: zurron@vesta.tmf.bg.ac.yu [mailto:zurron@vesta.tmf.bg.ac.yu]
Sent: Friday, December 27, 2002 2:40 PM
To: pgsql-general@postgresql.org
Subject: [GENERAL] question

OK, I want my database to be safe.
So why, if I put this command in the prompt as a regular user

zurron@gpsis:~$ /usr/local/pgsql/bin/psql -d colegio -U postgres

I get this:

Welcome to psql, the PostgreSQL interactive terminal.

Type: \copyright for distribution terms
\h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quit

colegio=#

and here I can do whatever I want.
What must I do to fix it?

colegio=# SELECT version();
version
---------------------------------------------------------------
PostgreSQL 7.2.1 on i686-pc-linux-gnu, compiled by GCC 2.95.3
(1 row)

and

test_ip=# select version();
version
---------------------------------------------------------------------------------------------------------
PostgreSQL 7.2.2 on i686-pc-linux-gnu, compiled by GCC gcc (GCC) 3.2
20020903 (Red Hat Linux 8.0 3.2-7)
(1 row)

test_ip=#

thanks.

Fabian


#7 Bruno Wolff III
bruno@wolff.to
In reply to: Noname (#5)
Re: question

On Fri, Dec 27, 2002 at 20:39:50 +0100,
zurron@vesta.tmf.bg.ac.yu wrote:

OK, I want my database to be safe.
So why, if I put this command in the prompt as a regular user

zurron@gpsis:~$ /usr/local/pgsql/bin/psql -d colegio -U postgres

Probably you don't want to use 'trust' as the authentication method.

#8 Joshua D. Drake
jd@commandprompt.com
In reply to: Bruno Wolff III (#7)
Re: question

Hello,

You need to edit your pg_hba.conf file and make it so local (and
remote) connections use the auth method of MD5.

Then when you create (or alter a user) you want to use the WITH
ENCRYPTED PASSWORD '<password>' option.

That way you will have an MD5 hash as the password, and it will always
ask you for a password (even when using psql).

Sincerely,

Joshua Drake

Bruno Wolff III wrote:

On Fri, Dec 27, 2002 at 20:39:50 +0100,
zurron@vesta.tmf.bg.ac.yu wrote:

OK, I want my database to be safe.
So why, if I put this command in the prompt as a regular user

zurron@gpsis:~$ /usr/local/pgsql/bin/psql -d colegio -U postgres

Probably you don't want to use 'trust' as the authentication method.


--
<COMPANY>CommandPrompt - http://www.commandprompt.com </COMPANY>
<CONTACT> <PHONE>+1.503.222-2783</PHONE> </CONTACT>
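
The change from 'trust' to 'md5' described in the replies above, with checks that it took effect. This is an added example, not from the thread; it assumes PostgreSQL 10 or later (for the pg_hba_file_rules view), a superuser session, and the current pg_hba.conf column layout, and the pg_hba.conf lines shown in comments are constructed.

```sql
-- Added example (not from the thread). Assumes PostgreSQL 10+ and a superuser
-- session. The pg_hba.conf lines below are constructed for illustration.
--
-- Before: any local shell account can connect as any role, including
-- postgres, without being asked for a password.
--   local   all   all                  trust
--   host    all   all   127.0.0.1/32   trust
--
-- After, as recommended in the replies:
--   local   all   all                  md5
--   host    all   all   127.0.0.1/32   md5

-- 1. Give the superuser a password BEFORE switching methods; a role with no
--    password cannot log in once a password method is required.
ALTER USER postgres WITH ENCRYPTED PASSWORD '<password>';

-- 2. Find other login-capable roles that still have no password set.
SELECT rolname
  FROM pg_authid
 WHERE rolcanlogin
   AND rolpassword IS NULL;

-- 3. After editing pg_hba.conf, list every rule in the file that still skips
--    authentication, plus any line the server could not parse.
SELECT line_number, type, database, user_name, address, auth_method, error
  FROM pg_hba_file_rules
 WHERE auth_method = 'trust'
    OR error IS NOT NULL
 ORDER BY line_number;

-- 4. Apply the edited file without restarting the server.
SELECT pg_reload_conf();
```

Rules are matched top to bottom, so a single remaining 'trust' line above the 'md5' lines keeps the original behaviour. PostgreSQL 10 and later also accept scram-sha-256 in the same position as md5.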