Skip site navigation (1) Skip section navigation (2)

Re: hba conf ident sameuser not working

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: David(dot)Bear(at)asu(dot)edu
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-admin(at)postgresql(dot)org
Subject: Re: hba conf ident sameuser not working
Date: 2006-02-16 02:00:41
Message-ID: 21927.1140055241@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-admin
David Bear <David(dot)Bear(at)asu(dot)edu> writes:
> now, back on teancum that has the tunnel on port 6666, I do this:

> iddwb(at)teancum:~> psql -p 6666 -h localhost -U tlhowell
> psql: FATAL:  Ident authentication failed for user "tlhowell"
> iddwb(at)teancum:~> psql -p 6666 -h localhost -U iddwb
> psql: FATAL:  Ident authentication failed for user "iddwb"

I'm afraid you're kind of stuck on getting that to work.  In the cases
that work, psql is executing on the server side of the ssh connection.
Here, you want it to work on the client side.  The problem is that the
Postgres server is going to see that TCP connection as originating from
a server-side sshd daemon process, and so ident is quite properly going
to fail unless the requested database username matches whatever sshd is
running as.

You could possibly get it to work if you could get sshd to run the
daemon subprocess as yourself instead of root ... dunno enough about
ssh to know if that's possible.

			regards, tom lane

In response to

Responses

pgsql-admin by date

Next:From: Jerry SieversDate: 2006-02-16 15:36:01
Subject: Dropping of indexes with cached PL query plans
Previous:From: David BearDate: 2006-02-16 00:36:10
Subject: Re: hba conf ident sameuser not working

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group