PostgreSQL downgrade password encryption from SCRAM to md5

Question

I need to downgrade password encryption for user postgres from scram-sha-265 to md5.

I've tried modifying pg_hba.conf and postgresql.conf files changing password encryption from scram-sha-256 to md5 but after that I was unable to connect to the database.

I'm using PostgreSQL 13 and PgAdmin 4 v5.

Thanks for any help and suggestion!

PS: I have to do this because RStudio can't manage connections with scram authentication.

The error is *Error in postgresqlNewConnection(drv, ...) : RS-DBI driver: (could not connect postgres@127.0.0.1:5432 on dbname "progetto_bd": SCRAM authentication requires libpq version 10 or above )* — Daniele974, Apr 26 '21 at 12:19
But the error message is pretty sure it is not. I think we can go with the error message here. I have seen it a lot, and never known it to be wrong. — jjanes, Apr 26 '21 at 15:04

score 5 · Answer 1 · edited Dec 12 '22 at 09:25

I solved following these steps:

Change password_encryption to md5 in file postgresql.conf

Change the first 3 occurrences of scram-sha-256 to trust in file pg_hba.conf

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             127.0.0.1/32            trust
# IPv6 local connections:
host    all             all             ::1/128                 trust

Restart postgresql service

Execute psql -U postgres (you won't be asked for password)

Change password with command \password username

Change the first 3 occurrences of trust to md5 in file pg_hba.conf

# "local" is for Unix domain socket connections only
local   all             all                                     md5
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5

Restart postgresql service

Laurenz Albe · Answer 2 · 2021-04-26T16:05:59.980

3

You need to reload the database, then set the user's password again (probably using a superuser account), so that the user has an MD5-hashed password again. Connect to the database as superuser with psql, then:

SELECT pg_reload_conf();

-- to verify the settings are like you want:

SHOW password_encryption;
SELECT * FROM pg_hba_file_rules();

-- change the password

\password myuser

edited Apr 26 '21 at 16:05

answered Apr 26 '21 at 11:18

Laurenz Albe

209,280
17
206
263

Can you be more precise? Thanks :) – Daniele974 Apr 26 '21 at 12:23
I have extended my answer. – Laurenz Albe Apr 26 '21 at 16:06
thank you for the answer. I tried these lines one by one after logging in to psql, but nothing gets return to me, except for "\password myuser". Is that normal? Also for "myuser", it tells me role "myuser" does not exist; so I tried "postgresql" still not working... Any advice please? – Helene Jul 19 '21 at 01:20
@Helene You forgot the semicolons. – Laurenz Albe Jul 19 '21 at 05:14

PostgreSQL downgrade password encryption from SCRAM to md5

2 Answers2

Linked