[Pgpool-general] Pgpool-II and Slony-I
Glyn Astill
glynastill at yahoo.co.uk
Thu Aug 28 13:02:58 UTC 2008
--- On Thu, 28/8/08, Tatsuo Ishii <ishii at sraoss.co.jp> wrote:
> Supporting md5 auth with pgpool is fundamentally impossible.
>
> 1) PostgreSQL send 32bit encryption salt to pgpool
>
> 2) pgpool forwards it to client
>
> 3) client encrypt password using the salt
>
> 4) pgpool forward the encrypted password to PostgreSQL
>
> Problem is, the salt in #1 is a random number and are
> differ among
> PostgreSQL servers. Using different salt produces different
> encrypted
> password in #3. Of course if you have only 1 PostgreSQL
> server, then
> you don't have the problem of course. But with only 1
> PostgreSQL you
> cannot make master/slave or replication system:-)
Thanks for that, I understand why it could never work now.
Is it only the pgpool IP I have to set to trust, or do I have to open things up and trust every client?
Send instant messages to your online friends http://uk.messenger.yahoo.com
More information about the Pgpool-general
mailing list