| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | "Johnson, Bruce E - (bjohnson)" <Johnson(at)pharmacy(dot)arizona(dot)edu> |
| Cc: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Connection not allowed because of an error 'Not in pg_hba.conf' |
| Date: | 2023-09-18 20:02:21 |
| Message-ID: | 228333.1695067341@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
"Johnson, Bruce E - (bjohnson)" <Johnson(at)pharmacy(dot)arizona(dot)edu> writes:
> The error I am getting on the client is:
> password authentication failed for user "trav"
> connection to server at "dhbpostgres.pharmacy.arizona.edu" (10.128.206.109), port 5432 failed: FATAL: no pg_hba.conf entry for host "10.128.206.109", user "trav", database "webdata", no encryption
> But I do have an entry that should allow it:
> #Internal server mgmt range
> hostssl all all 10.128.206.0/23 password
I think what you are seeing here is two separate connection attempts.
libpq will try an SSL connection, and that one is seemingly failing
with a bad password. Then it'll try a non-SSL connection, and that
one is getting rejected by the server because "hostssl" doesn't
permit it, leading to your second message (which clearly shows
that that connection wasn't ssl-encrypted).
You could adjust your connection parameters on the client side to
prevent the useless non-SSL connection attempt. But of course the
real question is how come the password authentication failed in
the first attempt. Looking into the server's log might yield
a clue.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Israel Brewster | 2023-09-18 20:48:20 | Re: Connection not allowed because of an error 'Not in pg_hba.conf' |
| Previous Message | Adrian Klaver | 2023-09-18 20:00:55 | Re: Connection not allowed because of an error 'Not in pg_hba.conf' |