On 05/25/2015 08:41 PM, Yves Dorfsman wrote:
On 2015-05-25 17:58, Adrian Klaver wrote:
On 05/25/2015 01:41 PM, Francisco Reyes wrote:
On multiple machines, should the MD5 be the same?
using
select rolname, rolpassword,rolcanlogin from pg_catalog.pg_authid where
rolname = 'SomeUser';
Should the MD5 be the same?
I understood that is just a md5 hash of the password and the username with the
string md5 pre-appended, so it should be the same.
On version 9 definitely, as documented:
http://www.postgresql.org/docs/9.3/static/catalog-pg-authid.html
"The MD5 hash will be of the user's password concatenated to their user name.
For example, if user joe has password xyzzy, PostgreSQL will store the md5
hash of xyzzyjoe."
Although I'm surprised it's not seeded, or even using a strong hash, but
that's a different subject.
See here for more detail:
http://www.postgresql.org/docs/9.4/static/protocol-flow.html
AuthenticationMD5Password
--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
