Re: [HACKERS] pg_hba.conf: 'trust' vs. 'md5' Issues

I have run into the issue with our linux boxes connecting with the JDBC
driver. Lucky for us our connections already go over encrypted VPN
connections so I could get by with the following in my pg_hba.conf

hostssl all all 192.168.176.0 255.255.255.0 md5
host all all 192.168.176.2 255.255.255.255 md5
host all all 192.168.176.9 255.255.255.255 md5
host all all 192.168.176.21 255.255.255.255 md5
host all all 192.168.176.22 255.255.255.255 md5

This will select the SSL connection first and then fall back to the non-ssl
which are restricted to our tomcat web servers.

This work around was set up in 7.4 of postgres. We are currently upgrading
to 8.1, but I have not had a chance to revisit the SSL with JDBC yet.

Woody
IGLASS Networks

-----Original Message-----
From: pgsql-hackers-owner(at)postgresql(dot)org
[mailto:pgsql-hackers-owner(at)postgresql(dot)org] On Behalf Of Jeanna Geier
Sent: Tuesday, September 26, 2006 1:24 PM
To: Jeff Frost
Cc: "Tom Lane"; pgsql-admin(at)postgresql(dot)org; pgsql-hackers(at)postgresql(dot)org
Subject: Re: [HACKERS] [ADMIN] pg_hba.conf: 'trust' vs. 'md5' Issues

Searched again for 'pgpass' and for the 'Application Data' directory with no
luck...

And, tell me it ain't so "you don't have to build the windows version from
source to use SSL" -- I had two seperate posters tell me that I did and I
wrestled with it for a bit...for nothing?? Ah, live and learn! :o) I don't
think I'll consider myself a 'newbie' after this project is done. :o)

----- Original Message -----
From: "Jeff Frost" <jeff(at)frostconsultingllc(dot)com>
To: "Jeanna Geier" <jgeier(at)apt-cafm(dot)com>
Cc: ""Tom Lane"" <tgl(at)sss(dot)pgh(dot)pa(dot)us>; <pgsql-admin(at)postgresql(dot)org>;
<pgsql-hackers(at)postgresql(dot)org>
Sent: Tuesday, September 26, 2006 12:16 PM
Subject: Re: [ADMIN] pg_hba.conf: 'trust' vs. 'md5' Issues

> On Tue, 26 Sep 2006, Jeanna Geier wrote:
>
>> Any thoughts?? Like I said previously, I did build this on Windows
>> from source so we could use the SSL option.....could I have missed
>> something when I was doing that? (It was my first time and I was
>> following instructions from the INSTALL docs)
>
>
> Jeanna, see my earlier email regarding all the different variations
> and also where to find your pgpass file on windows. But, please note,
> you don't have to build the windows version from source to use SSL.
> The two binary versions I was using for testing both worked fine with SSL.
>

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match