Skip site navigation (1) Skip section navigation (2)

Re: Kerberos and fe-auth...

From: Sean Chittenden <sean(at)chittenden(dot)org>
To: Peter Eisentraut <peter_e(at)gmx(dot)net>
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: Kerberos and fe-auth...
Date: 2002-01-31 05:21:48
Message-ID: 20020130212148.F53466@ninja1.internal (view raw or flat)
Thread:
Lists: pgsql-hackers
> > I don't think it's any surprise that I'm hot on kerberos (updated docs
> > will come, one thing at a time), however I'm really really really
> > supper annoyed with the fact that I can't specify a way for a host to
> > optionally use krb5 or optionally use password authentication.
> 
> What???  Have you looked at pg_hba.conf recently?

In pg_hba.conf:

host         all         0.0.0.0       0.0.0.0             krb5
host         all         0.0.0.0       0.0.0.0             password


And from the CLI:

> klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_80.1)
> psql -h db1 dbname user
psql: fe_sendauth: krb5 authentication failed

The only way I can do something about that is to reverse the order of
the above entries in hba.conf, however, if I do that, then I can't use
krb5.  One or the other, not both, and that's my problem...  thoughts?
-sc

-- 
Sean Chittenden

In response to

pgsql-hackers by date

Next:From: Dave PageDate: 2002-01-31 08:35:20
Subject: Re: A simpler way to configure the source code?
Previous:From: Peter EisentrautDate: 2002-01-31 05:05:32
Subject: Re: Kerberos and fe-auth...

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group