[Pgpool-general] Pgpool-II and Slony-I
Tatsuo Ishii
ishii at sraoss.co.jp
Thu Aug 28 12:50:47 UTC 2008
Supporting md5 auth with pgpool is fundamentally impossible.
1) PostgreSQL send 32bit encryption salt to pgpool
2) pgpool forwards it to client
3) client encrypt password using the salt
4) pgpool forward the encrypted password to PostgreSQL
Problem is, the salt in #1 is a random number and are differ among
PostgreSQL servers. Using different salt produces different encrypted
password in #3. Of course if you have only 1 PostgreSQL server, then
you don't have the problem of course. But with only 1 PostgreSQL you
cannot make master/slave or replication system:-)
--
Tatsuo Ishii
SRA OSS, Inc. Japan
> Had the same issue: for each pgpool server's IP adress you need to set
> Authentication method to "trust" in pool_hba.conf if you want pgpool to work
> in master/slave mode.
>
> cheers
>
> michael
>
> On Thu, Aug 28, 2008 at 10:27 AM, Glyn Astill <glynastill at yahoo.co.uk>wrote:
>
> >
> > > > Is there a way to make it throw SELECTS only to the
> > > slave/s.
> > >
> > > backend_weight0 = 0
> > >
> > > should do what you want.
> >
> > I'm still confused about the md5 passwords in master/slave mode?
> >
> > With just a normal pool everything is okay, however I get a message saying
> > md5 is not supported in master/slave mode?
> >
> > Does this mean I have to change the authentication menthod on all my main
> > servers to clear text in order to use pgPool-II?
> >
> > I presume theres a technical reason for this, what is it?
> >
> > Send instant messages to your online friends http://uk.messenger.yahoo.com
> > _______________________________________________
> > Pgpool-general mailing list
> > Pgpool-general at pgfoundry.org
> > http://pgfoundry.org/mailman/listinfo/pgpool-general
> >
More information about the Pgpool-general
mailing list