Ubuntu – I don’t want to store passwords in an unencrypted file

postgresql, security

I'm using Ubuntu 12.04 LTS on my developer machine and just realized that psql stores passwords in '~/.pgpass'. Furthermore, this file is unencrypted. So anyone who has superuser rights (i.e. is in the sudo group) can access this file and read the stored passwords. That's the worst case it could be.

Instead, I was wondering why psql did not ask for a password (I had just modified pg_hba.conf on a PostgreSQL server) and began to doubt my administration skills.

The documentation just tells us how to create the file and what it should look like. I want to disable this file as soon as possible. But how?

NO SOLUTION

The problem is that pgadmin creates this file when I ask it to store my passwords. It is a GUI, and to use a GUI I'm already logged in, and mostly the window manager has something like a keyring that is decrypted when I log in. It would be wonderful if pgadmin could use this, but as discussed in the answer: it's a feature request for pgadmin.

Best Answer

Delete it. .pgpass is just a file. Enter the passwords on the command line if you don't want to store them. psql will never create or modify .pgpass, so you must've set it up yourself.

It makes no sense to store .pgpass encrypted; you'd need a password to decrypt it, and the whole point of .pgpass is for automating password logins.

The solution here is don't use a .pgpass file if you don't really need the passwordless login and aren't willing to accept the security compromises it imposes. Since it sounds like your .pgpass was created by PgAdmin-III, tell it not to save passwords and it won't create .pgpass. It gave you a big warning the first time you told it to save a password, telling you that it would store the password in clear text, for exactly this reason.

If you need strong and secure passwordless logins, use Kerberos / GSSAPI.

That said, anyone who has super-user rights can get your passwords no matter what you do. They can capture your typing with a keylogger. They can modify libpq to save the passwords to a file as they're entered. Lots of options. If you don't trust the superuser(s) on your machine, find somewhere else to work from, because you've already lost.
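A quick way to see what a ~/.pgpass (or the file named by PGPASSFILE) actually holds before deleting it, as an added example that is not part of the original answer: it lists the host/user entries with passwords redacted and reports whether libpq would even honour the file, since libpq ignores a .pgpass that is readable by group or others. The `split_pgpass_line` and `audit_pgpass` function names are my own.

```python
import os
import stat

# libpq's .pgpass format is hostname:port:database:username:password, one entry
# per line; a literal ':' or '\' inside a field is escaped with a backslash.

def split_pgpass_line(line):
    """Split one .pgpass line into five fields; None for blanks, comments, junk."""
    line = line.rstrip("\n")
    if not line.strip() or line.lstrip().startswith("#"):
        return None
    fields, current, escaped = [], [], False
    for ch in line:
        if escaped:                      # char after '\' is taken literally
            current.append(ch)
            escaped = False
        elif ch == "\\":
            escaped = True
        elif ch == ":" and len(fields) < 4:   # colons in the password field stay literal
            fields.append("".join(current))
            current = []
        else:
            current.append(ch)
    fields.append("".join(current))
    return fields if len(fields) == 5 else None

def audit_pgpass(text, mode):
    """Report which credentials a .pgpass stores, with passwords redacted.

    libpq refuses to use a .pgpass readable by group or others, so such a
    file leaks secrets without even providing the passwordless login.
    """
    honoured = (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0
    entries = [f for f in map(split_pgpass_line, text.splitlines()) if f]
    return {
        "honoured_by_libpq": honoured,
        "entries": [{"host": h, "port": p, "database": d, "user": u,
                     "password": "<redacted>" if pw else ""} for h, p, d, u, pw in entries],
    }

if __name__ == "__main__":
    # PGPASSFILE overrides the default ~/.pgpass location, so honour it too.
    path = os.environ.get("PGPASSFILE", os.path.expanduser("~/.pgpass"))
    if not os.path.exists(path):
        raise SystemExit(f"no password file at {path}")
    with open(path) as fh:
        report = audit_pgpass(fh.read(), os.stat(path).st_mode)
    print("libpq will use this file:", report["honoured_by_libpq"])
    for e in report["entries"]:
        print(f"  {e['user']}@{e['host']}:{e['port']}/{e['database']}")
```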
