Re: [Gnumed-devel] Managing staff (user accounts)

[Karsten Hilbert]

> So it's all done in Postgres configuration,

AFAIK it is hardcoded.

> and does it presumably mean
> that in any one cluster only one method of encryption is usable

Yes.

> (and therefore only a single method should be designated, consistently)
> in pg_hba.conf ?

There is nothing to choose from. It is either md5-hashed or not hashed
(well, there used to be crypt but that's long been deprecated).

> Is there any other configuration in so far as you are aware that must be
> done if anybody were to prefer to change from md5 to sha-1?

They would need to write a patch for PostgreSQL to support that.

> Presumably if such a change were to be made after and database users
> (including GNUmed users) had been created in a Postgres cluster, the passwords
> would need to be reset?

Likely, yes.

Karsten
-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de