blob: b2e8e0f78eef916e6521a240b592d5aa81cd3023 [file] [log] [blame]
= Hash password
The `hash_password` tool is used to get the jBcrypt hash of a password. This hash
can be used in CREATE/ALTER ROLE/USER statements for improved security.
This feature can be useful if we want to make sure no intermediate system, logging or
any other possible plain text password leak can happen.
== Usage
hash_password <options>
[cols=",",]
|===
|-h,--help |Displays help message
|-e,--environment-var <arg> |Use value of the specified environment
variable as the password
|-i,--input <arg> |Input is a file (or - for stdin) to read the
password from. Make sure that the whole input including newlines is
considered. For example, the shell command `echo -n foobar \| hash_password
-i -` will work as intended and just hash 'foobar'.
|-p,--plain <arg> |Argument is the plain text password
|-r,--logrounds <arg> |Number of hash rounds (default: 10).
|===
One of the options --environment-var, --plain or --input must be used.