2000-11-18
 
 
  pg_passwd
  1
  Application
 
 
  pg_passwd
  Manipulate a text password file
 
 
  
   pg_passwd
   filename
  
 
 
  Description
  
   pg_passwd is a tool to manipulate a flat
   text password file for the purpose of using that file to control
   client authentication of the
   PostgreSQL server.  More information
   about setting up this authentication mechanism can be found in the
   Administrator's Guide.
  
  
   The form of a text password file is one entry per line; the fields
   of each entry are separated by colons.  The first field is the user
   name, the second field is the encrypted password.  Other fields are
   ignored (to allow password files to be shared between applications
   that use similar formats).  The functionality of the
   pg_passwd utility is to enable a user to
   interactively add entries to such a file, to alter passwords of
   existing entries, and to take care of encrypting the passwords.
  
  
   Supply the name of the password file as argument to the pg_passwd
   command.  To be of use for client authentication the file needs to
   be located in the server's data directory, and the base name of
   the file needs to be specified in the
   pg_hba.conf access control file.
$ pg_passwd /usr/local/pgsql/data/passwords
File "/usr/local/pgsql/data/passwords" does not exist.  Create? (y/n): y
Username: guest
Password:
Re-enter password:
   where the Password: and Re-enter
   password: prompts require the same password input which
   is not displayed on the terminal.  Note that the password is limited
   to eight useful characters by restrictions of the standard crypt(3)
   library routine.
  
  
   The original password file is renamed to
   passwords.bk.
  
  
   To make use of this password file, put a line like the following in
   pg_hba.conf:
host  mydb     133.65.96.250   255.255.255.255 password passwords
   which would allow access to database mydb from host 133.65.96.250 using
   the passwords listed in the passwords file (and
   only to the users listed in that file).
  
  
   
    It is also useful to have entries in a password file with an empty
    password field.  (This is different from an empty password.)
    These entries cannot be managed by
    pg_passwd, but it is always possible to
    edit password files manually.
   
  
 
 
  See also
  
   PostgreSQL Administrator's Guide