安全版V4.5密码加密算法由MD5改为SCRAM-SHA-256

发布时间:2026/7/18 1:51:26
安全版V4.5密码加密算法由MD5改为SCRAM-SHA-256 文章目录文档用途详细信息文档用途本文档用于指导瀚高数据库安全版V4.5的密码加密算法由MD5改为SCRAM-SHA-256详细信息1、用默认三权用户和普通用户登录数据库修改密码加密算法并更改密码[roothost~]# psql -U sysdba -d highgohighgo# alter system set password_encryption scram-sha-256;highgo# set password_encryption scram-sha-256;highgo# alter user sysdba with password xxx;highgo# \q[roothost~]# psql -U syssso -d highgohighgo# set password_encryption scram-sha-256;highgo# alter user syssso with password xxx;highgo# \q[roothost~]# psql -U syssao -d highgohighgo# set password_encryption scram-sha-256;highgo# alter user syssao with password xxx;highgo# \q[roothost~]# psql -U test -d highgohighgo# set password_encryption scram-sha-256;highgo# alter user test with password xxx;highgo# \q注普通用户忘记密码时可用管理员用户syssso设置密码。2、更改.pgpass中的密码如未配置.pgpass请忽略此步[roothost~]# vi ~/.pgpass#hostname:port:database:username:passwordlocalhost:5866:highgo:sysdba:xxx3、修改数据目录中的pg_hba.conf文件将MD5改为SCRAM-SHA-256TYPE DATABASE USER ADDRESS METHOD local all all scram-sha-256 host all all 127.0.0.1/32 scram-sha-256 host all all 0.0.0.0/0 scram-sha-256 # IPv6 local connections: host all all ::1/128 scram-sha-256 # Allow replication connections from localhost, by a user with the # replication privilege. local replication all scram-sha-256 host replication all 127.0.0.1/32 scram-sha-256 host replication all ::1/128 scram-sha-2564、重载数据库配置[roothost data]# pg_ctl reload注参数password_encryption为动态参数文件pg_hba可动态修改因此无需重启数据库。