Socket & TCP connections
Hi,
I'm trying to setup PostgreSQL so that, it will not ask password when
connected locally (socket) whereas it will ask when connected using
TCP/IP. This should apply ONLY to root account. But this is not working -
local all root trust
local all all md5
# IPv4 local connections:
#host all root 127.0.0.1/32 trust
#host all root ::1/128 trust
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
I cannot give passwordless access to TCP/IP because then it will become
a big security hole using PhpPgAdmin exposed to the public.
--
Nilesh Govindarajan
Site & Server Administrator
www.itech7.com
=E0=A4=AE=E0=A5=87=E0=A4=B0=E0=A4=BE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4=
=E0=A4=AE=E0=A4=B9=E0=A4=BE=E0=A4=A8 !
=E0=A4=AE=E0=A4=AE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4: =E0=A4=AE=E0=A4=B9=
=E0=A4=A4=E0=A5=8D=E0=A4=A4=E0=A4=AE =E0=A4=AD=E0=A4=B5=E0=A4=A4=E0=A5=81=
!
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Re: Socket & TCP connections
Le 28/03/2010 19:11, Nilesh Govindarajan a =C3=A9crit :
> [...]
> I'm trying to setup PostgreSQL so that, it will not ask password when
> connected locally (socket) whereas it will ask when connected using
> TCP/IP. This should apply ONLY to root account. But this is not working=
-
>
> local all root trust
> local all all md5
> # IPv4 local connections:
> #host all root 127.0.0.1/32 trust
> #host all root ::1/128 trust
> host all all 127.0.0.1/32 md5
> host all all ::1/128 md5
>
> I cannot give passwordless access to TCP/IP because then it will become
> a big security hole using PhpPgAdmin exposed to the public.
>
Could you be more specific on what's not working? the exact error
message would be a great help. BTW, your settings are good for local
access, but you only allow localhost TCP/IP access.
--
Guillaume.
http://www.postgresqlfr.org
http://dalibo.com
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Re: Socket & TCP connections
On 03/29/2010 02:51 AM, Guillaume Lelarge wrote:
> Le 28/03/2010 19:11, Nilesh Govindarajan a =C3=A9crit :
>> [...]
>> I'm trying to setup PostgreSQL so that, it will not ask password when
>> connected locally (socket) whereas it will ask when connected using
>> TCP/IP. This should apply ONLY to root account. But this is not workin=
g -
>>
>> local all root trust
>> local all all md5
>> # IPv4 local connections:
>> #host all root 127.0.0.1/32 trust
>> #host all root ::1/128 trust
>> host all all 127.0.0.1/32 md5
>> host all all ::1/128 md5
>>
>> I cannot give passwordless access to TCP/IP because then it will becom=
e
>> a big security hole using PhpPgAdmin exposed to the public.
>>
>
> Could you be more specific on what's not working? the exact error
> message would be a great help. BTW, your settings are good for local
> access, but you only allow localhost TCP/IP access.
>
>
There's no error message as such. It doesn't do what is expected -
should not ask passwords for localhost.
If I connect as psql -U root -d postgres -h localhost, it still asks me
for password.
--
Nilesh Govindarajan
Site & Server Administrator
www.itech7.com
=E0=A4=AE=E0=A5=87=E0=A4=B0=E0=A4=BE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4=
=E0=A4=AE=E0=A4=B9=E0=A4=BE=E0=A4=A8 !
=E0=A4=AE=E0=A4=AE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4: =E0=A4=AE=E0=A4=B9=
=E0=A4=A4=E0=A5=8D=E0=A4=A4=E0=A4=AE =E0=A4=AD=E0=A4=B5=E0=A4=A4=E0=A5=81=
!
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Re: Socket & TCP connections
Hi, it seems to be working now. Can somebody explain to me how ? See
this pg_hba.conf -
# "local" is for Unix domain socket connections only
local all root trust
local all all md5
# IPv4 local connections:
#host all root 127.0.0.1/32 trust
#host all root ::1/128 trust
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
Its the same code I think which I wrote previously. But now it asks
password when connected through TCP and doesn't when connected directly
as psql -d postgres
PLZ EXPLAIN !! I'm in a big confusion :?
--
Nilesh Govindarajan
Site & Server Administrator
www.itech7.com
=E0=A4=AE=E0=A5=87=E0=A4=B0=E0=A4=BE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4=
=E0=A4=AE=E0=A4=B9=E0=A4=BE=E0=A4=A8 !
=E0=A4=AE=E0=A4=AE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4: =E0=A4=AE=E0=A4=B9=
=E0=A4=A4=E0=A5=8D=E0=A4=A4=E0=A4=AE =E0=A4=AD=E0=A4=B5=E0=A4=A4=E0=A5=81=
!
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Re: Socket & TCP connections
Le 29/03/2010 04:04, Nilesh Govindarajan a =C3=A9crit :
> Hi, it seems to be working now. Can somebody explain to me how ? See
> this pg_hba.conf -
>
> # "local" is for Unix domain socket connections only
> local all root trust
> local all all md5
> # IPv4 local connections:
> #host all root 127.0.0.1/32 trust
> #host all root ::1/128 trust
> host all all 127.0.0.1/32 md5
> host all all ::1/128 md5
>
> Its the same code I think which I wrote previously. But now it asks
> password when connected through TCP and doesn't when connected directly
> as psql -d postgres
>
> PLZ EXPLAIN !! I'm in a big confusion :?
>
You probably forgot to reload the configuration after modifying it, and
then someone reloaded it or restarted the server, and PostgreSQL was
able to use the new configuration.
--
Guillaume.
http://www.postgresqlfr.org
http://dalibo.com
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Re: Socket & TCP connections
On 03/29/2010 12:50 PM, Guillaume Lelarge wrote:
> Le 29/03/2010 04:04, Nilesh Govindarajan a =C3=A9crit :
>> Hi, it seems to be working now. Can somebody explain to me how ? See
>> this pg_hba.conf -
>>
>> # "local" is for Unix domain socket connections only
>> local all root trust
>> local all all md5
>> # IPv4 local connections:
>> #host all root 127.0.0.1/32 trust
>> #host all root ::1/128 trust
>> host all all 127.0.0.1/32 md5
>> host all all ::1/128 md5
>>
>> Its the same code I think which I wrote previously. But now it asks
>> password when connected through TCP and doesn't when connected directl=
y
>> as psql -d postgres
>>
>> PLZ EXPLAIN !! I'm in a big confusion :?
>>
>
> You probably forgot to reload the configuration after modifying it, and
> then someone reloaded it or restarted the server, and PostgreSQL was
> able to use the new configuration.
>
>
Yeah may be. But I remember issuing killall -HUP postmaster after every
change.
--
Nilesh Govindarajan
Site & Server Administrator
www.itech7.com
=E0=A4=AE=E0=A5=87=E0=A4=B0=E0=A4=BE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4=
=E0=A4=AE=E0=A4=B9=E0=A4=BE=E0=A4=A8 !
=E0=A4=AE=E0=A4=AE =E0=A4=AD=E0=A4=BE=E0=A4=B0=E0=A4=A4: =E0=A4=AE=E0=A4=B9=
=E0=A4=A4=E0=A5=8D=E0=A4=A4=E0=A4=AE =E0=A4=AD=E0=A4=B5=E0=A4=A4=E0=A5=81=
!
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Re: Socket & TCP connections
Nilesh Govindarajan skrev 2010-03-29 04.04:
> Hi, it seems to be working now. Can somebody explain to me how ? See
> this pg_hba.conf -
Did you reload the config, i.e pg_ctl reload, after making changes the
first time?
Regards,
roppert
>
> # "local" is for Unix domain socket connections only
> local all root trust
> local all all md5
> # IPv4 local connections:
> #host all root 127.0.0.1/32 trust
> #host all root ::1/128 trust
> host all all 127.0.0.1/32 md5
> host all all ::1/128 md5
>
> Its the same code I think which I wrote previously. But now it asks
> password when connected through TCP and doesn't when connected directly
> as psql -d postgres
>
> PLZ EXPLAIN !! I'm in a big confusion :?
>
--
Sent via pgsql-admin mailing list (pgsql-admin [at] postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
