Re: [libvirt PATCH 0/2] docs: less docs for insecure SASL mechanisms

On Thu, Mar 04, 2021 at 06:10:11PM +0000, Daniel P. Berrangé wrote:
> GSSAPI and SCRAM-SHA-256 are the only two SASL mechanisms we
> especially want people to be using. Even the latter is a little
> questionable due to storing passwords in cleartext on the server.

At what point of the SCRAM-SHA-256 auth process is the password handled as clear
text? I mean I tried to look up the issue you mention and couldn't find
anything, quite the contrary, e.g. Postgres says SCRAM-SHA-256 is the only
recommended scheme for password-based auth and storing passwords in clear text
is not possible. Isn't it kind of the point that passwords are never stored in
clear text with this scheme?

https://www.postgresql.org/docs/13/auth-password.html

Erik



