Re: BUG #18095: Unintended non-SSL connection attempt by psql cli command after a failed password authentication

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: ytourki(at)ext(dot)scaleway(dot)com
Cc: pgsql-bugs(at)lists(dot)postgresql(dot)org
Subject: Re: BUG #18095: Unintended non-SSL connection attempt by psql cli command after a failed password authentication
Date: 2023-09-07 17:17:33
Message-ID: 1722734.1694107053@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

PG Bug reporting form <noreply(at)postgresql(dot)org> writes:
> When connecting to a PostgreSQL server (version 14) configured to only
> accept SSL connections, if a user provides an incorrect password, the psql
> client (version 14) returns two error messages in succession. The first
> message correctly indicates a password authentication failure, but the
> second suggests an unexpected non-SSL connection attempt.

This is libpq's (not psql's) default behavior. If you don't like it,
you need to set the sslmode parameter in the connection string to prevent
non-SSL connection attempts. See

https://www.postgresql.org/docs/current/libpq-ssl.html#LIBPQ-SSL-SSLMODE-STATEMENTS

regards, tom lane

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message Laurenz Albe 2023-09-07 20:50:36 Re: BUG #18095: Unintended non-SSL connection attempt by psql cli command after a failed password authentication
Previous Message PG Bug reporting form 2023-09-07 16:44:13 BUG #18095: Unintended non-SSL connection attempt by psql cli command after a failed password authentication