Re: Should we really recommend "-A md5 or -A password"?
Jonathan S. Katz <jkatz@postgresql.org>
From: "Jonathan S. Katz" <jkatz@postgresql.org>
To: Magnus Hagander <magnus@hagander.net>,
"Daniel Westermann (DWE)" <daniel.westermann@dbi-services.com>
Cc: "pgsql-docs@lists.postgresql.org" <pgsql-docs@lists.postgresql.org>
Date: 2022-05-31T13:57:31Z
Lists: pgsql-docs
Attachments
- initdb-auth-recommendation.patch (text/plain) patch
On 5/31/22 8:35 AM, Magnus Hagander wrote: > > > On Tue, May 31, 2022 at 2:29 PM Daniel Westermann (DWE) > <daniel.westermann@dbi-services.com > <mailto:daniel.westermann@dbi-services.com>> wrote: > > Hi, > > I just came across this: > "Also, specify -A md5 or -A password so that the default trust > authentication mode is not used;" > https://www.postgresql.org/docs/current/creating-cluster.html > <https://www.postgresql.org/docs/current/creating-cluster.html> > > Shouldn't we change that to "-A scram-sha-256" ? > > > Yes I think we absolutely should! +1 Proposed patch attached. This also removes "-A password" from that sentence as well. Jonathan
Commits
-
Recommend scram-sha-256 instead of md5 authentication in docs
- a694cf4ca496 14.4 landed
- e1ed1a7aa547 15.0 landed