Am 28. Mai 2021 15:27:43 MESZ schrieb Nikhil Shetty <nikhil.dba04@xxxxxxxxx>:
Hi Team,Just a quick checkAs per documentation, for upgrading password encryption from md5 to scram-sha-256, we have to set password_encryption to scram-sha-256, reset the user password and then change in pg_hba.conf.Is there any other way to do this without changing the password? if there are a lot of login users in the database it becomes difficult and it may incur downtime as well.I see there is a way the users can do it by themselves but still will incur some downtime.Thanks and Regards,Nikhil
It's no problem to leave the setting at md5 as this accepts the new scram passwords as well.
Just check after a while whether all passwords have been changed to scram.
Since there is no way of retrieving a password in clear it's also impossible to change them to scram automatically.
Hope this helps.
--
Holger Jakobs, Bergisch Gladbach
+49 178 9759012
- sent from mobile, therefore short -
