On 6 Feb 2015 4:04 PM, Michael Nolan wrote:
Encrypted passwords are kept in the pg_shadow file and should start with 'md5'.
Just save a copy of the encrypted password for that user and when you
want to re-enable that user do:
alter user xxx encrypted password 'md5xxxxxxxx';
I have tested this on 9.3.5.
That’s basically what I tried before, though I just string-reversed the
MD5 hash so that I could un-reverse it. I also prefixed “md5” with '-'
so I could tell which passwords were scrambled.
What I found was that a “suspended” user could still log in, though.
I looked for some control to “reload” the passwords from that datastore
but couldn’t find any.
I also did this on pg_authid; would that have made a difference?
-FG
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
