| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Jeanna Geier" <jgeier(at)apt-cafm(dot)com> |
| Cc: | "Jeff Frost" <jeff(at)frostconsultingllc(dot)com>, pgsql-admin(at)postgresql(dot)org, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pg_hba.conf: 'trust' vs. 'md5' Issues |
| Date: | 2006-09-26 15:52:39 |
| Message-ID: | 26303.1159285959@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin pgsql-hackers |
"Jeanna Geier" <jgeier(at)apt-cafm(dot)com> writes:
> [ hostssl works with 'trust' but not 'md5' ]
> It's only when I change the connection method to 'md5' that I'm running into
> problems -- then I cannot connect from pgadmin or the command line.
I experimented with this using CVS HEAD, and found that SSL+md5 works
fine as long as I enter the correct password ... but if I give a wrong
password I get
$ psql -h localhost regression
Password:
psql: FATAL: no pg_hba.conf entry for host "127.0.0.1", user "tgl", database "regression", SSL off
$
which is at best pretty misleading :-(. I think libpq is probably
mishandling the "bad password" error and concluding that it should fall
back to a non-SSL connection, which the server then rejects. Will look
into it.
As for Jeanna's problem, I don't see any password prompt at all in her
example. I've forgotten the details, but wasn't there a password
prompting problem with 8.0.x on Windows?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jeff Frost | 2006-09-26 15:58:16 | Re: pg_hba.conf: 'trust' vs. 'md5' Issues |
| Previous Message | Jeff Frost | 2006-09-26 15:51:56 | Re: pg_hba.conf: 'trust' vs. 'md5' Issues |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2006-09-26 15:55:52 | Re: horo(r)logy test fail on solaris (again and solved) |
| Previous Message | Jeff Frost | 2006-09-26 15:51:56 | Re: pg_hba.conf: 'trust' vs. 'md5' Issues |