Re: hba conf ident sameuser not working

On Wed, Feb 15, 2006 at 09:00:41PM -0500, Tom Lane wrote:
> David Bear <David(dot)Bear(at)asu(dot)edu> writes:
> > now, back on teancum that has the tunnel on port 6666, I do this:
>
> > iddwb(at)teancum:~> psql -p 6666 -h localhost -U tlhowell
> > psql: FATAL: Ident authentication failed for user "tlhowell"
> > iddwb(at)teancum:~> psql -p 6666 -h localhost -U iddwb
> > psql: FATAL: Ident authentication failed for user "iddwb"
>
> I'm afraid you're kind of stuck on getting that to work. In the cases
> that work, psql is executing on the server side of the ssh connection.
> Here, you want it to work on the client side. The problem is that the
> Postgres server is going to see that TCP connection as originating from
> a server-side sshd daemon process, and so ident is quite properly going
> to fail unless the requested database username matches whatever sshd is
> running as.
>
> You could possibly get it to work if you could get sshd to run the
> daemon subprocess as yourself instead of root ... dunno enough about
> ssh to know if that's possible.

thats the path I was thinking along... Thanks.

>
> regards, tom lane
>
> ---------------------------(end of broadcast)---------------------------
> TIP 6: explain analyze is your friend

--
David Bear
phone: 480-965-8257
fax: 480-965-9189
College of Public Programs/ASU
Wilson Hall 232
Tempe, AZ 85287-0803
"Beware the IP portfolio, everyone will be suspect of trespassing"