enable scram-sha-256 password encryption #713
Conversation
- if $POSTGRES_HOST_AUTH_METHOD is set - without that update new users are unable to logon, because the password would still be saved as md5, but the host auth is set to scram-sha-256 in pg_hba.conf
|
All |
- otherwise FORCE_DEB_BUILD fails
- docker-password_encryption
|
The VERSION=12 FORCE_DEB_BUILD=1 build fails, but version 12.2-2.pgdg100+1 is available in the repo. |
|
http://apt.postgresql.org/pub/repos/apt/dists/buster-pgdg/12/binary-amd64/Packages does not contain the 12.2-2.pgdg100+1 package |
|
|
|
No, we do not want to add anything to the image to change
This works with the current image: docker run -it --rm \
-e POSTGRES_HOST_AUTH_METHOD=scram-sha-256 \
-e POSTGRES_INITDB_ARGS=--auth-host=scram-sha-256 \
-e POSTGRES_PASSWORD=12345 \
--network posty \
--name post \
postgres |
|
Thanks for the |
|
It might be more proper to modify the initialization script to check if |
|
Official docker image for version 13 was driving me crazy until I found this thread - please consider updating the docker hub page to include the POSTGRES_INIT_DB_ARGS... entry as required for setting scram-sha-256 to work. I spun it up using docker-compose and burned several hours trying to figure out what I was getting wrong.... |
|
Great idea -- docker-library/docs#1857 |
because the password would still be saved as md5,
but the host auth is set to scram-sha-256 in pg_hba.conf