在PostgreSQL中使用加密密码创建用户 [英] Creating user with encrypted password in PostgreSQL
问题描述
是否可以在PostgreSQL中创建用户而不提供纯文本密码(理想情况下,我希望能够创建仅提供用sha-256加密的密码的用户)?
Is it possible to create a user in PostgreSQL without providing the plain text password (ideally, I would like to be able to create a user providing only its password crypted with sha-256) ?
我想做的是用这样的东西创建一个用户:
What I would like to do is to create a user with something like that :
CREATE USER "martin" WITH PASSWORD '$6$kH3l2bj8iT$KKrTAKDF4OoE7w.oy(...)BPwcTBN/V42hqE.';
有什么办法吗?
谢谢您的帮助.
推荐答案
You may provide the password already hashed with md5, as said in the doc (CREATE ROLE):
已加密未加密这些关键字控制密码是否为 加密存储在系统目录中. (如果未指定,则 默认行为由配置参数确定 password_encryption.)如果提供的密码字符串已经存在 MD5加密格式,然后按原样存储加密,无论 是否指定ENCRYPTED或UNENCRYPTED(因为系统无法 解密指定的加密密码字符串).这允许 在转储/还原过程中重新加载加密的密码.
ENCRYPTED UNENCRYPTED These key words control whether the password is stored encrypted in the system catalogs. (If neither is specified, the default behavior is determined by the configuration parameter password_encryption.) If the presented password string is already in MD5-encrypted format, then it is stored encrypted as-is, regardless of whether ENCRYPTED or UNENCRYPTED is specified (since the system cannot decrypt the specified encrypted password string). This allows reloading of encrypted passwords during dump/restore.
这里缺少的信息是MD5加密的字符串应该是与用户名以及开头加上md5的密码.
The information that's missing here is that the MD5-encrypted string should be the password concatened with the username, plus md5 at the beginning.
例如,以foobar为密码创建u0,知道md5('foobaru0')是ac4bbe016b808c3c0b816981f240dcae:
So for example to create u0 with the password foobar, knowing that md5('foobaru0') is ac4bbe016b808c3c0b816981f240dcae:
CREATE USER u0 PASSWORD 'md5ac4bbe016b808c3c0b816981f240dcae';
,然后键入foobar作为密码即可登录u0.
and then u0 will be able to log in by typing foobar as the password.
我不认为目前有一种方法可以使用SHA-256代替md5作为PostgreSQL密码.
I don't think that there's currently a way to use SHA-256 instead of md5 for PostgreSQL passwords.
这篇关于在PostgreSQL中使用加密密码创建用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
