in reply to Keeping a password safe.
In the case of worries about a postgres database-password the following is possible to connect without password (linux, unixen):
1. Use a ~/.pgpass file, or a customised copy somewhere (e.g. you could use the name name "$HOME/.pg_$USER"), and reduce access to it with chmod 0600 (in fact, in won't work otherwise). (see [1])
2. Point environment variable PGPASSFILE to a customised .pgpass-like file).
3. To make matters easier, you can also set PGPORT, PGHOST, PGDATABASE (if they are different from the defaults, which are resp. 5432, /tmp, $USER).
psql et al (all clients based on libpq) can now connect via these variables (e.g. perl DBI will connect with the minimal dsn 'dbi:Pg:').
[1] pg manual: libpq-pgpass.html
[2] pg manual: client-authentication.html
UPDATE: thanks to moritz for reminding me to add PGDATABASE.
|
---|