Greetings, * Pavan Kumar (pavan.dba27@xxxxxxxxx) wrote: > > What would be the point of storing the encrypted password instead of the > > plaintext one? > As per our organization security policies, we can 't keep any passwords in > plain text format. Then you need to *actually* encrypt the password in whatever file you'd like, and then decrypt it using a key from somewhere when you go to connect to PG and use it to connect to PG. Anything that doesn't involve some key from somewhere being used to decrypt it isn't actually meeting your organization's security policies, certainly not anything that's just dumping whatever into .pgpass and then allowing you to connect. > I am working on postgres + pgbouncer setup, tested pgbouncer 1.14 where we > have support to use encrypted password in userlist,txt file. I am > surprised why pgpass is not supporting encrypted passwords. I'm not sure what you mean here, but I'm pretty confident it's not actually what you think. If you can directly connect with it, without providing some kind of additional key, then it's, pretty much by definition, not encrypted. Thanks, Stephen
Attachment:
signature.asc
Description: PGP signature
