Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Unknown authenticationOk message type #1508
With postgres 10.1 and SCRAM-SHA-256 password encryption enabled, node-postgres driver throws the following error:
Not telling that encryption method is not supported or anything. It took a while to find out why my app is stopped working after i have changed the role name. I think there should be more verbose error for this case.
first, change the postgresql.conf file :
and restart database.
lookup users password encryption whith superuser (postgres) :
if password start with "SCRAM-SHA-256" (and not "md5"), it's too late, but not the end of world.
--> change all user with SCRAM-SHA-256 password for reset them :
--> the password is now encrypted with md5 crypto :
and now, i can use this pg_client without this error
explanation : the size "23" is because he know password is encrypted with SCRAM-SHA-256, and change the auth message for ask SCRAM password, and it's not implemented yet ...
have fun !
With postgresql starting to move towards SASL authentication with the introduction of SCRAM-SHA-256, and the known vulnerabilities in MD5, I think it is important for all major postgresql libraries to be supporting this encryption.
It is already supported in the latest libpq versions, which I know @brianc has create some native node bindings for.
I am also facing this problem and tried to fix it according to @Kidounet 's suggestion, but in my case this change doesn't seem to have the needed effect.
I am on a kubernetes environment (server version 1.8). My postgresql config files are on a persistent volume, so when I restart the database pod the changed config files are still there and should be applied.
Any hints on what I am missing?
Thanks a lot!
EDIT: Okay, just found out that in my setup there was another config file that needed to be changed ... Now it is working fine!
Hi @mohanpindyala if you need scram-sha-256 you can use postgres in version 10. Or if you have write access to postgresql.conf file try Kidounet's attempt. I also found out that pg_hba.conf file doesn't need to be touched as it gets generated from the specifications in postgresql.conf on database start/restart (correct me, if I'm wrong)
This means there's no way for secure password encryption when using Node.js with Postgres to date?
Kidounet's solution to just use MD5 didn't work for me: I kept getting
as response after changing the 2 config files, altering all passwords and server-restarts/reloads (all passwords started with "md5"). Earlier I tried if it would work if I just have one user with limited privileges with MD5 and the other ones with SCRAM-SHA-256. Didn't work. Maybe there was a problem with pgAdmin4 running? It works now after purging and reinstalling the packages and leaving MD5 as it was.