| From: | Richard Huxton <dev(at)archonet(dot)com> |
|---|---|
| To: | Oliver Elphick <olly(at)lfix(dot)co(dot)uk> |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Problem - any password accepted |
| Date: | 2007-05-30 17:34:29 |
| Message-ID: | 465DB5A5.2010503@archonet.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Oliver Elphick wrote:
> While experimenting just now, I seem to have found a weird problem with
> passwords, in that _anything_ I type in is accepted as a valid password.
>
>
> Here are the relevant bits of pg_hba.conf
> # TYPE DATABASE USER CIDR-ADDRESS METHOD
> hostnossl junk olly 127.0.0.1/32 trust
> host all all 127.0.0.1/32 md5
> 2. TCP/IP access: this uses SSL so it skips the hostnossl line and hits
> the next host line, which specifies an md5 password. Whatever I type is
> accepted.
> In the log I have:
> 2007-05-30 17:54:59 BST LOG: could not receive data from client: Connection res
> et by peer
> 2007-05-30 17:55:02 BST FATAL: password authentication failed for user "olly"
>
> but it has still let me in.
Is it not falling back to non-SSL access, and so letting you through
with "trust"?
With a libpq call you could set "sslmode", but I'm not sure if you can
do that from the command-line.
--
Richard Huxton
Archonet Ltd
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martijn van Oosterhout | 2007-05-30 17:38:31 | Re: Problem - any password accepted |
| Previous Message | Andrus | 2007-05-30 17:33:36 | Re: How to implement GOMONTH function |