Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Get encrypted password for PostgreSQL login role

Tags:

postgresql

ansible

Is there a way to fetch the encrypted password for a login roll from a PostgreSQL server?

To give some insight into my problem, I'm trying to manage the postgres user's password via Ansible. To do so, I would like to check the current value of the encrypted password (e.g. 'md5...') to see if it's current or not. If it is not, I would execute the appropriate ALTER ROLL command to update it.

I know I can use pg_dumpall to see the password, e.g:

$ pg_dumpall --roles-only
<snip>
CREATE ROLE postgres;
ALTER ROLE postgres WITH ... PASSWORD 'md5...';

But this doesn't seem like a very reliable way of doing so.

like image 293
joxl Avatar asked Sep 24 '15 16:09

joxl

People also ask

How do I find my postgres master password?

If you don't remember your PostgreSQL database password, you can follow the steps below to reset it to a new value: Change the authentication method in the PostgreSQL configuration file pg_hba. conf from md5 to trust and reload the configuration. You should now be able to connect to PostgreSQL with the new password.

How do I login as admin PostgreSQL?

There are two ways to login PostgreSQL: By running the "psql" command as a UNIX user which is also configured as PostgreSQL user using so-called IDENT/PEER authentication, e.g., " sudo -u postgres psql ". Via TCP/IP connection using PostgreSQL's own managed username/password (using so-called MD5 authentication).

How do I connect to PostgreSQL without a password?

conf file and change all local connections from md5 to trust. By doing this, you can log in to the PostgreSQL database server without using a password. The "C:\Program Files\PostgreSQL\12\data" is the data directory. PostgreSQL will not require a password to login.

1 Answers

Try to read rolpassword field.

SELECT rolpassword FROM pg_authid

pg_authid

The catalog pg_authid contains information about database authorization identifiers (roles). A role subsumes the concepts of "users" and "groups". A user is essentially just a role with the rolcanlogin flag set. Any role (with or without rolcanlogin) can have other roles as members; see pg_auth_members.

Since this catalog contains passwords, it must not be publicly readable. pg_roles is a publicly readable view on pg_authid that blanks out the password field.

Chapter 19 contains detailed information about user and privilege management.

Because user identities are cluster-wide, pg_authid is shared across all databases of a cluster: there is only one copy of pg_authid per cluster, not one per database.

like image 177
Arsen Avatar answered Oct 03 '22 06:10

Arsen
Sign in to Comment

Related questions

How to pass custom type array to Postgres function
FROM_UNIX alternate in PostgreSQL
Create PostgreSQL 9 role with login (user) just to execute functions
Choosing/configuring a database for high-throughput, reliable, consistent write throughput, sacrificing latency
How much space do VIEWS occupy in PostgreSQL?
Create auto-Increment column in resultset PostgreSQL
Postgresql k-nearest neighbor (KNN) on multidimensional cube
Find values not present in supplied list postgres
Postgres not returning lastval() properly
pg_restore asking for password for database when there isn't one
Connect local rails app on my laptop to heroku database
De-allocating prepared queries
ERROR: COALESCE types bytea and character varying in PostgreSQL
Insert "daterange" field value into PostgreSQL table through JDBC
UnicodeEncodeError: 'ascii' codec can't encode character u'\u2019' in position 47: ordinal not in range(128)
PostgreSQL GROUP BY LOWER() not working
PostgreSQL bug in window function on partition?
Annotate django query if filtered row exists in second table
Running a SELECT in a PL/pgSQL block
Strange deadlock PostgreSQL deadlock issue with SELECT FOR UPDATE

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!