From: | Rob van der Linde <robvdl(at)paradise(dot)net(dot)nz> |
---|---|
To: | Jeff Frost <jeff(at)frostconsultingllc(dot)com> |
Cc: | pgsql-admin(at)postgresql(dot)org |
Subject: | Re: pg_hba.conf stuff |
Date: | 2007-03-01 01:34:18 |
Message-ID: | 1172712858.23268.1.camel@athlon64 |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Yes! that's it, thanks heaps.
I had a .pgpass file in the home directory of the client PC. It's
possible PgAdmin III or some other program created it.
Thanks heaps, now I know it was not actually a security issue with my
server.
On Wed, 2007-02-28 at 17:15 -0800, Jeff Frost wrote:
> On Thu, 1 Mar 2007, Rob van der Linde wrote:
>
> > On that server I have a user account, called "ynui", and I also have a
> > postgres user called "ynui", they have the same password. Now the
> > server's IP is 192.168.0.1
> >
> > My main postgres conf has in it:
> >
> > listen_addresses = 'localhost,192.168.0.1'
> >
> > my pg_hba.conf is:
> >
> > # "local" is for Unix domain socket connections only
> > local all all md5
> > # IPv4 local connections:
> > host all all 127.0.0.1/32 md5
> > # IPv6 local connections:
> > host all all ::1/128 md5
> > # Internal network
> > host all all 192.168.0.0/24 md5
> >
> > Now I have a client PC 192.168.0.10, it's also running Linux and the
> > unix account name on this machine is rob. I have the postgres client
> > installed on this machine and am connecting like this:
> >
> > psql -h 192.168.0.1 -U ynui
> >
> > Now my problem is, because the server has on it a user account "ynui"
> > and postgres also has a user called "ynui", with the same password, it
> > goes straight in, without asking for the password at all!!!
> >
> > This is even though I specifically configured the "Internal network"
> > section in my pg_hba.conf file for "md5", and this "ynui" unix user is
> > actually on the server, not on the client pc. Then why does it still go
> > straight in from the client PC without asking for the password for the
> > "ynui" user?
> >
> > Any ideas? is there any way to prevent this automatic login, or is the
> > only way to have the unix "ynui" user and postgres "ynui" user no the
> > server to have a different password? I would prefer them not to have
> > different passwords however if possible.
> >
> > Any ideas? any help would be appreciated.
>
> Rob,
>
> The local OS user on the server should have no effect on postgres connectivity
> when connecting via the network.
>
> Do you by chance have a .pgpass file in the home directory of the OS user
> you're using to run psql?
>
> Also, did you reload postgresql after you made the changes to the pg_hba.conf?
>
From | Date | Subject | |
---|---|---|---|
Next Message | Jeff Frost | 2007-03-01 01:39:55 | Re: pg_hba.conf stuff |
Previous Message | Jeff Frost | 2007-03-01 01:15:01 | Re: pg_hba.conf stuff |