Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Re: Fwd: psql+krb5
* Craig Ringer (craig(at)postnewspapers(dot)com(dot)au) wrote: > I've dropped all your cross-posts; this is just going to PgSQL-general. Thanks for that. > On 30/11/2009 3:29 PM, rahimeh khodadadi wrote: > >> psql: *krb5_sendauth: Bad application version was sent (via sendauth)* > > Also: a search for your error message finds this post, which, while > related to a Windows kerberos server, seems to apply: It's the same kind of issue (wrong service name), but I think the real problem is this: krb_srvname = 'postgres/star(at)EXAMPLE(dot)COM' The documentation, I think, is pretty clear: http://www.postgresql.org/docs/8.4/interactive/auth-methods.html#KERBEROS-AUTH PostgreSQL operates like a normal Kerberos service. The name of the service principal is servicename/hostname(at)realm(dot) servicename can be set on the server side using the krb_srvname configuration parameter The above should just be: krb_srvname = 'postgres' Or, better, just removed. Unless you're running under a Microsoft Active Directory Kerberos environment, the default should 'just work'. Additionally, this is also almost certainly wrong: krb_server_hostname = 'star' Again, referring to the same documentation: hostname is the fully qualified host name of the server machine. You really should have a proper FQDN set for this system. I would also recommend using a real domain rather than 'EXAMPLE.COM'. Also, I didn't see the version of PostgreSQL, but if you're using something recent your auth method should really be 'gss' instead of 'krb5'. > I don't know much about Kerberos, not I suspect do all that many people > on the list, so I can't be of any more help. Unfortunately, I don't pay as close attention to the lists as I wish I could. Kerberos with PG is actually a solution I typically recommend. Thanks, Stephen
In response to
- Re: Fwd: psql+krb5 at 2009-12-02 01:04:34 from Craig Ringer
Responses
- Re: Fwd: psql+krb5 at 2009-12-02 06:40:43 from rahimeh khodadadi
pgsql-docs by date
Next: From: rahimeh khodadadi Date: 2009-12-02 06:40:43 Subject: Re: Fwd: psql+krb5 Previous: From: Craig Ringer Date: 2009-12-02 01:04:34 Subject: Re: Fwd: psql+krb5
pgsql-hackers by date
Next: From: KaiGai Kohei Date: 2009-12-02 01:52:20 Subject: Re: SE-PgSQL patch review Previous: From: Greg Stark Date: 2009-12-02 01:13:50 Subject: Re: Block-level CRC checks
pgsql-odbc by date
Next: From: rahimeh khodadadi Date: 2009-12-02 06:40:43 Subject: Re: Fwd: psql+krb5 Previous: From: Craig Ringer Date: 2009-12-02 01:20:17 Subject: Re: Hi!
pgsql-general by date
Next: From: weixiang tam Date: 2009-12-02 02:15:28 Subject: customize Postgres install issue Previous: From: Craig Ringer Date: 2009-12-02 01:29:16 Subject: Re: how to install just client libraries on windows?