[pgpool-general: 3145] Re: why using MD5 auth on the backends requires using pool_hba.conf?

Tatsuo Ishii ishii at postgresql.org
Fri Sep 5 08:56:12 JST 2014


>> I would imagine it is to keep the security model of pgpool in line with
>> the security model of postgresql. Specifically, so you can limit what
>> database and account combinations are accessible from which locations, as
>> the postgresql hba file is rendered (more or less) useless as all
>> connections to postgresql come from your pgpool box(es).
>>
> 
> Thanks! but then why not require pool_hba.conf for, say, pam authentication?

In fact below is a bonus (or a good side effect) of the implementation
of md5 in pgpool-II.

> it is to keep the security model of pgpool in line with the security model of postgresql

With md5 auth PostgreSQL sends "salt" to a client, which is pgpool-II
in our case. Problem is, the salts sent from each PostgreSQL backend
(remember that pgpool-II talks to multiple PostgreSQL backends)
differ because they are randomly generated by each PostgreSQL
process. On the other hand the client connecting to pgpool-II is
expecting a *single* salt rather than multiple salts. The solution is
that pgpool-II generates its own salt and sends it to the client, while
it sends the encrypted password to each PostgreSQL backend accordingly
using the salts.

Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
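
The salt mismatch described in the message above, as an added example that is not part of the original post and is not pgpool-II code. It models PostgreSQL's md5 response, "md5" + md5(md5(password + username) + salt); the names Backend, Proxy, naive_relay and make_client, the fixed salts and the credentials are constructed for illustration, and the proxy is assumed to hold md5(password + username) for each user.

```python
import hashlib, hmac, os

def inner_hash(password: str, user: str) -> str:
    # md5(password || username): the hex value PostgreSQL stores after "md5"
    return hashlib.md5((password + user).encode()).hexdigest()

def md5_response(inner: str, salt: bytes) -> str:
    # What a client answers to a challenge: "md5" || md5(inner_hex || salt)
    return "md5" + hashlib.md5(inner.encode() + salt).hexdigest()

class Backend:
    """Hypothetical stand-in for one PostgreSQL backend doing md5 auth."""
    def __init__(self, user, password, fixed_salt=None):
        self.inner = inner_hash(password, user)
        self.fixed_salt, self.salt = fixed_salt, b""
    def challenge(self) -> bytes:
        # Each backend process picks its own 4-byte salt (fixed only for the demo).
        self.salt = self.fixed_salt or os.urandom(4)
        return self.salt
    def verify(self, response: str) -> bool:
        return hmac.compare_digest(response, md5_response(self.inner, self.salt))

class Proxy:
    """Hypothetical stand-in for the pooler: one salt to the client, one answer per backend."""
    def __init__(self, backends, inner_by_user):
        self.backends = backends
        self.inner_by_user = inner_by_user   # assumption: proxy holds md5(password||user)
    def authenticate(self, user, client) -> bool:
        salt = os.urandom(4)                 # the proxy's own salt
        inner = self.inner_by_user.get(user)
        if inner is None or not hmac.compare_digest(client(salt), md5_response(inner, salt)):
            return False
        # Compute a separate response for each backend's own salt.
        return all(b.verify(md5_response(inner, b.challenge())) for b in self.backends)

def naive_relay(backends, client) -> list:
    """Pass only the first backend's salt to the client and reuse that one answer."""
    salts = [b.challenge() for b in backends]
    answer = client(salts[0])
    return [b.verify(answer) for b in backends]

def make_client(user, password):
    return lambda salt: md5_response(inner_hash(password, user), salt)

if __name__ == "__main__":
    user, pw = "alice", "s3cret"             # constructed sample credentials
    fixed = [Backend(user, pw, b"\x01\x02\x03\x04"), Backend(user, pw, b"\xaa\xbb\xcc\xdd")]
    print("naive relay:", naive_relay(fixed, make_client(user, pw)))
    proxy = Proxy([Backend(user, pw), Backend(user, pw)], {user: inner_hash(pw, user)})
    print("proxy salt :", proxy.authenticate(user, make_client(user, pw)))
```

The proxy never needs the cleartext password, but md5(password + username) is enough to answer any salt, so wherever that value is stored needs the same protection as the password itself.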

