On Thu, 2019-09-19 at 15:23 +0200, Matthias Apitz wrote: > El día Thursday, September 19, 2019 a las 10:31:01PM +1000, rob stone > escribió: > > > > > https://www.postgresql.org/docs/11/auth-password.html > > > > Chapters 20.5 and 20.6 may give you more information. > > The form of the password hash store in the PG server or interchange > over > the network is not my question. The question is more: When the Linux > server starts and with this the (ESQL/C written) application servers > are > starting, they need the password to connect and this is not provided > at > this moment from some keyboard or humanbeing. It must be stored on > the > server and available in clear for the server, but not for other eyes > on > the server, i.e. the place of the sorage must be ciphered. > > matthias > Sorry. More caffeine needed. If you use pg_service.conf you could write a little program to encrypt the password and store it in this file in its encrypted form. Then you application obtains the connection credentials from pg_service.conf, de-encrypts the password and is then able to form the connection string to access the required database. HTH, Robert
