Setting user Postgres passwords via MD5

Say you want to create a Postgres account for a user but you don’t want them to have to reset it after logging in, and you don’t want to do the “come type in a password on my computer” routine. Well, here’s one way around this.

  1. Have the user generate an MD5 of their password on their local computer. Postgres uses the username as the salt for the hash, so the command to generate the md5 on a Mac would be (assuming a username of ‘ehoffman’ and a password of ‘abcdefg’):
    [evan@Evans-MacBook-Pro ~] $ echo -n abcdefgehoffman | md5

    The “-n” is important – without it, the newline gets included in the hash. After they generate their MD5, have them send it to you (along with their username).

  2. Create the user’s account in the database (or ALTER ROLE if it already exists):
    CREATE ROLE ehoffman LOGIN INHERIT ENCRYPTED PASSWORD 'md595eebfcce27162773a3828689df9d79e';

    Syntax for an existing account:

    ALTER ROLE ehoffman ENCRYPTED PASSWORD 'md595eebfcce27162773a3828689df9d79e';

That’s it. This has the added benefit of the password never being logged in the DB logs or the .psql_history. The main downside is the possibility of user error.

Migrating RT from mysql to postgresql.

So I wanted to move our old RT 3.6 system to a new VM running a clean CentOS 5.3 x86 install and RT 3.8. I got RT installed but the 3.6 system was running on MySQL, which sucks (still), and I wanted to move it to Postgres, which rules (more and more each day). So Googling for “migrate rt from mysql to postgresql” brought me here. I tried the procedure listed there but it wasn’t quite working for me. and mysql2postgresql.perl both caused segfaults when I tried to run them. I realized I was on my own, and it wasn’t really that bad.

Continue reading “Migrating RT from mysql to postgresql.”