Skip site navigation (1) Skip section navigation (2)

Re: pg_hba.conf stuff

From: Jeff Frost <jeff(at)frostconsultingllc(dot)com>
To: Rob van der Linde <robvdl(at)paradise(dot)net(dot)nz>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: pg_hba.conf stuff
Date: 2007-03-01 01:15:01
Message-ID: Pine.LNX.4.64.0702281712300.3892@discord.home.frostconsultingllc.com (view raw or flat)
Thread:
Lists: pgsql-admin
On Thu, 1 Mar 2007, Rob van der Linde wrote:

> On that server I have a user account, called "ynui", and I also have a
> postgres user called "ynui", they have the same password. Now the
> server's IP is 192.168.0.1
>
> My main postgres conf has in it:
>
> listen_addresses = 'localhost,192.168.0.1'
>
> my pg_hba.conf is:
>
> # "local" is for Unix domain socket connections only
> local   all         all                               md5
> # IPv4 local connections:
> host    all         all         127.0.0.1/32          md5
> # IPv6 local connections:
> host    all         all         ::1/128               md5
> # Internal network
> host    all         all         192.168.0.0/24        md5
>
> Now I have a client PC 192.168.0.10, it's also running Linux and the
> unix account name on this machine is rob. I have the postgres client
> installed on this machine and am connecting like this:
>
> psql -h 192.168.0.1 -U ynui
>
> Now my problem is, because the server has on it a user account "ynui"
> and postgres also has a user called "ynui", with the same password, it
> goes straight in, without asking for the password at all!!!
>
> This is even though I specifically configured the "Internal network"
> section in my pg_hba.conf file for "md5", and this "ynui" unix user is
> actually on the server, not on the client pc. Then why does it still go
> straight in from the client PC without asking for the password for the
> "ynui" user?
>
> Any ideas? is there any way to prevent this automatic login, or is the
> only way to have the unix "ynui" user and postgres "ynui" user no the
> server to have a different password? I would prefer them not to have
> different passwords however if possible.
>
> Any ideas? any help would be appreciated.

Rob,

The local OS user on the server should have no effect on postgres connectivity 
when connecting via the network.

Do you by chance have a .pgpass file in the home directory of the OS user 
you're using to run psql?

Also, did you reload postgresql after you made the changes to the pg_hba.conf?

-- 
Jeff Frost, Owner 	<jeff(at)frostconsultingllc(dot)com>
Frost Consulting, LLC 	http://www.frostconsultingllc.com/
Phone: 650-780-7908	FAX: 650-649-1954

In response to

Responses

pgsql-admin by date

Next:From: Rob van der LindeDate: 2007-03-01 01:34:18
Subject: Re: pg_hba.conf stuff
Previous:From: Rob van der LindeDate: 2007-03-01 00:43:41
Subject: pg_hba.conf stuff

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group