back to article PostgreSQL says SCRAM to MD5 authentication

With the release of PostgreSQL 10, the open source database's developers are farewelling the deprecated MD5 in their authentication mechanism. Released late last week, PostgreSQL 10 instead uses an SHA-256 implementation of the Salted Challenge-Response Authentication Mechanism (SCRAM-SHA-256, described in RFC7677). The …

  1. frank ly

    re. "farewelling"

    I'm thumbs-downing and contempting the verbing of that noun.

  2. Not That Andrew

    In the words of Bill Watterson, "Verbing nouns wierds language".

    1. Mark 110

      I bet he didn't misspell weird when he said it though . . {Weird that weird is a weird exception to the i before e except after c rule}

  3. Hans 1

    farewelling the deprecated MD5

    Hm, md5 is still all over the default pg_hba.conf file, however, scram-sha-256 is a nice addition.

    1. Anonymous Coward
      Anonymous Coward

      The examples demonstrating the new features were all hosted by HPE. Might have something to do with it.

  4. Hans 1

    I set up a sandbox (LXC container) with PostgreSQL 10, configured scram-sha-256 auth and Postgres Admin 4 version 2 (latest client I could find) does not support it.

    The JDBC driver 42.2.0 supports scram-sha-256 auth, however, at the time of this writing, https://jdbc.postgresql.org/download.html does not list that version for download.

    So, since only the server supports SCRAM and the default configuration uses md5, again at the time of this writing, that the config still recommends MD5, I assume it is a bit too early to mention a farewell ... note that you can easily use SSL encryption/tunneling for the database connection if you are paranoid...

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like