Help Center > > Developer Guide> Setting GUC Parameters> Connection and Authentication> Security and Authentication (postgresql.conf)

Security and Authentication (postgresql.conf)

Updated at: Jul 15, 2020 GMT+08:00

This section describes parameters about how to securely authenticate the client and server.

session_timeout

Parameter description: Specifies the longest duration with no operations after the connection to the server.

Type: USERSET

Value range: an integer ranging from 0 to 86400. The minimum unit is s. 0 indicates disable the timeout.

Default value: 10 min

The gsql client of DWS has an automatic reconnection mechanism. For local connection of initialized users, the client reconnects to the server if the connection breaks after the timeout.

ssl_renegotiation_limit

Parameter description: Specifies the traffic volume over the SSL-encrypted channel before the session key is renegotiated. The renegotiation traffic limitation mechanism reduces the probability that attackers use the password analysis method to crack the key based on a huge amount of data but causes big performance losses. The traffic indicates the sum of sent and received traffic.

Type: USERSET

You are advised to retain the default value, that is, disable the renegotiation mechanism. You are not advised to use the gs_guc tool or other methods to set the ssl_renegotiation_limit parameter in the postgresql.conf file. The setting does not take effect.

Value range: an integer ranging from 0 to 2147483647. The unit is KB. 0 indicates that the renegotiation mechanism is disabled.

Default value: 0

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel