from the dev document, i got that opengauss support several encryption type for cleint authentication:
local is a Unix domain socket. host is a common or SSL-encrypted TCP/IP socket. hostssl is an SSL-encrypted TCP/IP socket. hostnossl is a TCP/IP-only socket. authmehod-options is an optional parameter. Value range:
As i know that md5 is not safe enough? so why opengauss still support it, which authentication encryption type is recommanded ?
On
for your question, i guess openGauss have to sovle compatibility issue.
that is there are many old version deploying in customer's env, they may use the md5 encryption type.
so that openGauss can not delete the type directly.
then use sha256 authentication encryption as default for secure; use md5 for compatibility, but better make sure use it in trusted network.
Use MD5 only for compatibility with legacy applications and data. Sha256 is recommanded.