[pgpool-general: 7434] Re: Pgpool works on FIPS mode of VA - very important

[Tatsuo Ishii]

> In the documentation, it's mentioned that default key would be available at
> ~pgpool/.pgpoolkey, but I am not able to find the same. Can you please
> elaborate the steps to use pg_conf? Im in pgpool 4.0.4 version.

No, you need to create .pgpoolkey by yourself something like:

echo "my-secret-password" > ~pgpool/..pgpoolkey

Also please do not remove Cc: pgpool-general at pgpool.net.

> *root at lcm-vrs-48-231 [ *~* ]# *pg_enc -K=sample_key try
> 
> ERROR: pid 25742: AES encryption is not supported by this build
> 
> *root at lcm-vrs-48-231 [ *~* ]# *cat sample_key
> 
> sample
> Regards,
> Anusha N.
> 
> 
> On Tue, Mar 9, 2021 at 5:43 PM Tatsuo Ishii <ishii at sraoss.co.jp> wrote:
> 
>> Hi Anusha,
>>
>> > Hi Tatsuo,
>> >
>> > I'm trying to move from md5 to AES for encryption. Getting below error on
>> > following
>> >
>> https://www.pgpool.net/docs/latest/en/html/auth-aes-encrypted-password.html
>> >
>> > Can you please help me with this?
>> >
>> > *root at lcm-vrs-48-231 [ *~* ]# *pg_md5 fgdskj
>> >
>> > 8a5bd11420a4cddfe904dd0a023074f0
>> >
>> > *root at lcm-vrs-48-231 [ *~* ]# *pg_enc fhdslihjf
>> >
>> > trying to read key from file /root/.pgpoolkey
>> >
>> > encryption key not provided
>> >
>> > *root at lcm-vrs-48-231 [ *~* ]# *cat /root/.pgpoolkey
>> >
>> > cat: /root/.pgpoolkey: No such file or directory
>>
>> You need to provide decription key to Pgpool-II: you need to create
>> ~pgpool/.pgpoolkey file ("pgpool" should be replaced with the user
>> that is used to run pgpool). We don't recommend to run pgpool as root
>> for security reason.
>>
>> For more details of .pgpoolkey see the manual:
>>
>> https://www.pgpool.net/docs/latest/en/html/auth-aes-encrypted-password.html#AUTH-AES-DECRYPTION-KEY
>>
>> Best regards,
>> --
>> Tatsuo Ishii
>> SRA OSS, Inc. Japan
>> English: http://www.sraoss.co.jp/index_en.php
>> Japanese:http://www.sraoss.co.jp
>>