Matthias Apitz <guru@xxxxxxxxxxx> writes: > Is there somehow an API in PG to use ciphered passwords and provide as a > shared library the blob to decrypt it? No. Consider a non-password auth mechanism, for instance SSL certificates. You might find that an SSL certificate file stored where libpq will find it is already about as secure as what you're doing now. If you want to jump through extra hoops for more security, I think you can use ssh-agent to hold the keys. regards, tom lane
