Last active
January 21, 2020 14:25
-
-
Save kravietz/217179e497075509cae060641443b1ca to your computer and use it in GitHub Desktop.
Switch PostgreSQL 10 to new strong SCRAM-SHA-256 password authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| postgres@tyler:~$ psql | |
| psql (10.5 (Ubuntu 10.5-1.pgdg16.04+1)) | |
| Type "help" for help. | |
| postgres=# show password_encryption; | |
| password_encryption | |
| --------------------- | |
| md5 | |
| (1 row) | |
| postgres=# SET password_encryption = 'scram-sha-256'; | |
| SET | |
| postgres=# \password webapp | |
| Enter new password: | |
| Enter it again: | |
| postgres=# ALTER USER "webapp" WITH PASSWORD 'PLAINTEXT_USER_PASSWORD_HERE'; | |
| ALTER ROLE | |
| postgres=# select * from pg_user; | |
| usename | usesysid | usecreatedb | usesuper | userepl | usebypassrls | passwd | valuntil | useconfig | |
| ------------+----------+-------------+----------+---------+--------------+----------+----------+----------- | |
| postgres | 10 | t | t | t | t | ******** | | | |
| webapp | 16384 | t | f | f | f | ******** | | | |
| (2 rows) | |
| postgres=# show password_encryption; | |
| password_encryption | |
| --------------------- | |
| scram-sha-256 | |
| (1 row) | |
| postgres=# | |
| Also replace occurences of "md5" with "scram-sha-256" in pg_hba.conf and restart PostgreSQL. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment