Jorge Godoy wrote:
On Monday 03 March 2008 08:08:36 Raymond O'Donnell wrote:
On 03/03/2008 11:01, dfx wrote:
The question is: Is there a method to avoid inserting the addresses of
the clients in the pg_hba.conf and to allow connections from internet
with security assured only by username and password?
Yes, that's what people have been explaining: you insert a line
something like:

   host  [database]   [user]   0.0.0.0/0   md5

But make it "hostssl" instead of "host", to require some cryptography in the channel used, especially to authenticate the connection.

Opening your access to everyone without crypto sounds like something you don't want to do. Especially if users can change their own passwords...

My understanding is no password is sent in the clear with md5 per:

http://www.postgresql.org/docs/8.3/interactive/auth-methods.html#AUTH-PASSWORD


Paul
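
The `host` versus `hostssl` distinction discussed in this thread can be checked mechanically. The following is an added example, not part of the original messages: a small audit of pg_hba.conf text that flags rules reachable from any address that either use `trust` or do not require SSL. The sample file content and the function names `parse_address` and `audit` are constructed for illustration.

```python
import ipaddress

# Constructed sample pg_hba.conf content (not from the thread).
SAMPLE = """\
# TYPE  DATABASE  USER  ADDRESS  METHOD
local   all       all                    md5
host    appdb     app   0.0.0.0/0        md5
hostssl appdb     app   0.0.0.0/0        md5
host    appdb     app   192.168.1.0/24   md5
host    all       all   0.0.0.0 0.0.0.0  password
hostssl all       all   ::/0             trust
"""

def parse_address(fields):
    """Return (network, method) from the fields after type/db/user."""
    if fields[0] == "all":
        return None, fields[1]  # keyword: matches every address
    if "/" in fields[0]:
        return ipaddress.ip_network(fields[0], strict=False), fields[1]
    # Older style: separate IP and netmask columns.
    net = ipaddress.ip_network(f"{fields[0]}/{fields[1]}", strict=False)
    return net, fields[2]

def audit(text):
    """Return [(line_no, problem)] for rules reachable from any address."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or not fields[0].startswith("host"):
            continue  # blank, comment, or local (Unix socket) rule
        try:
            net, method = parse_address(fields[3:])
        except (ValueError, IndexError):
            continue  # hostname / samehost / samenet: out of scope here
        if net is not None and net.prefixlen != 0:
            continue  # restricted to a specific network
        if method == "trust":
            findings.append((no, "any address, no authentication"))
        elif fields[0] in ("host", "hostnossl"):
            findings.append((no, f"any address, SSL not required ({method})"))
    return findings

if __name__ == "__main__":
    for line_no, problem in audit(SAMPLE):
        print(f"line {line_no}: {problem}")
```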

