[pgpool-general: 9434] scram-sha-256 Authentication

Sbob sbob at quadratum-braccas.com
Sun Apr 27 02:19:58 JST 2025


All;

I have set up authentication where I have an md5 line in the 
pool_hba.conf file for a user and I have an md5 password entry for the 
user in the pool_passwd file, and the backend db is using scram_sha_256.

I would like to set up the pool users to use scram sha 256 as well. I see 
in the docs that I should use pg_enc to create the entry in the 
pool_passwd file, however pg_enc is complaining about a key file.

I do not understand where I should put the keyfile and what I should put 
in the keyfile.

I assume that AES is the same as scram sha 256?

I see this in the docs:

If you have AES encrypted passwords stored in the pool_passwd 
<https://www.pgpool.net/docs/latest/en/html/runtime-config-connection.html#GUC-POOL-PASSWD> 
file, then Pgpool-II will require the decryption key to decrypt the 
passwords before using them, Pgpool-II tries to read the decryption key 
at startup from the .pgpoolkey file. .pgpoolkey is a plain text file 
which contains the decryption key string.

By default the Pgpool-II will look for the .pgpoolkey file in the user's 
home directory or the file referenced by environment variable 
PGPOOLKEYFILE. You can also specify the key file using the (-k, 
--key-file=KEY_FILE) command line argument to the pgpool 
<https://www.pgpool.net/docs/latest/en/html/pgpool.html> command. The 
permissions on .pgpoolkey must disallow any access to world or group. 
Change the file permissions by the command chmod 0600 ~/.pgpoolkey.


but I am still unsure what I put in the keyfile.


Thanks in advance
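
Added example (not part of the original post and not Pgpool-II project code): a shell sketch of the key file handling that the quoted documentation describes, creating .pgpoolkey with a random key string and checking that it is non-empty and closed to group and world. Checking PGPOOLKEYFILE before ~/.pgpoolkey, the hex key format and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example; the function names are hypothetical, not Pgpool-II tooling.

# Resolve the key file path: PGPOOLKEYFILE if set, otherwise ~/.pgpoolkey.
# (Consulting the environment variable first is an assumption of this sketch.)
pgpoolkey_path() {
    if [ -n "${PGPOOLKEYFILE:-}" ]; then
        printf '%s\n' "$PGPOOLKEYFILE"
    else
        printf '%s\n' "$HOME/.pgpoolkey"
    fi
}

# Create the key file holding one random key string, never readable by
# group or world. Refuses to overwrite: entries already encrypted with the
# old key could not be decrypted with a new one.
pgpoolkey_create() {
    f=$(pgpoolkey_path)
    if [ -e "$f" ]; then
        echo "refusing to overwrite existing key file: $f" >&2
        return 1
    fi
    (
        umask 077   # file is created 0600 from the start, no exposure window
        # 32 random bytes as hex; the hex format is a choice made here.
        key=$(od -An -N32 -tx1 /dev/urandom | tr -d ' \n')
        printf '%s\n' "$key" > "$f"
    ) && chmod 0600 "$f"
}

# Verify the key file exists, is non-empty, and has no group/world bits.
# Returns 0 if acceptable, 2 if missing, 3 if empty, 4 if permissions too open.
pgpoolkey_check() {
    f=$(pgpoolkey_path)
    [ -f "$f" ] || { echo "key file missing: $f" >&2; return 2; }
    [ -s "$f" ] || { echo "key file empty: $f" >&2; return 3; }
    # Characters 5-10 of the ls mode string are the group and world bits.
    gw=$(ls -ldL "$f" | cut -c5-10)
    [ "$gw" = "------" ] || {
        echo "group/world access on $f; run: chmod 0600 $f" >&2
        return 4
    }
    return 0
}

# Usage after sourcing this file: pgpoolkey_create && pgpoolkey_check
```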

