trouble with PostgreSQL 9.2 on FreeBSD 10.0-CURRENT: superuser can not autheticate anymore with md5 password hash set

Volodymyr Kostyrko c.kworr at gmail.com
Tue Aug 13 14:55:11 UTC 2013


> 13.08.2013 17:30, O. Hartmann wrote:
>> For the past I ran PostgreSQL 9.2 servers on FreeBSD 10.0-CURRENT
>> successfully. But by now, out of the blue, login as the database's
>> supervisor "pgsql" remotely isn't possible any more.
>>
>> The appropriate lines in pg_hba.conf are:
>>
>> local   all  pgsql md5
>> hostssl all  pgsql 0.0.0.0/0   md5
>>
>> The funny thing is: when login locally without providing a password
>> (swap md5 to trust in the "local" line) and setting the password for
>> the role "pgsql" via
>>
>> ALTER ROLE pgsql ENCRYPTED PASSWORD 'FooMe";
>
> I guess ENCRYPTED means you are substituting FooMe with md5 hashed
> password correctly salted with role name as postgresql requires?

Silly me, that's wrong. ENCRYPTED only means that password will be 
stored encrypted on the disk. There's a side note about using ENCRYPTED 
password with postgres in the docs though:

"Note that older clients might lack support for the MD5 authentication 
mechanism that is needed to work with passwords that are stored encrypted."

-- 
Sphinx of black quartz, judge my vow.


More information about the freebsd-questions mailing list