Re: scram and \password

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Robert Haas <robertmhaas@gmail.com>
Cc: Heikki Linnakangas <hlinnaka@iki.fi>, Michael Paquier <michael.paquier@gmail.com>, Jeff Janes <jeff.janes@gmail.com>, Joe Conway <mail@joeconway.com>, pgsql-hackers <pgsql-hackers@postgresql.org>
Date: 2017-03-17T13:42:21Z
Lists: pgsql-hackers
Robert Haas <robertmhaas@gmail.com> writes:
> On Fri, Mar 17, 2017 at 8:32 AM, Heikki Linnakangas <hlinnaka@iki.fi> wrote:
>> It would make sense to have \password obey password_encryption GUC. Then
>> \password and ALTER USER would do the same thing, which would be less
>> surprising. Although it's also a bit weird for a GUC to affect client-side
>> behavior, so perhaps better to just document that \password will create a
>> SCRAM verifier, unless you explicitly tell it to create an MD5 hash, and add
>> a 'method' parameter to it.

> Either of those would be fine with me, but I think we should do one of them.

I vote for the second one; seems much less surprising and action-at-a-
distance-y.  And I think the entire point of \password is to *not* do
exactly what a bare ALTER USER would do, but to superimpose a layer of
best practice on it.  We certainly want to define use of SCRAM as being
best practice.

			regards, tom lane


Commits

  1. Add PQencryptPasswordConn function to libpq, use it in psql and createuser.

  2. Allow SCRAM authentication, when pg_hba.conf says 'md5'.