| From: | Gémes Géza <geza(at)kzsdabas(dot)hu> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Kerberized login to Postgres database |
| Date: | 2012-01-11 19:43:25 |
| Message-ID: | 4F0DE65D.3080902@kzsdabas.hu |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
2012-01-11 07:44 keltezéssel, Eugene Budanov írta:
> Hi!
>
>> I had a same problem already, but I recompiled Postgre with GSSAPI, it
>> does works correctly.
> Very interesting. Can you send me your config files?
>
> ---
> Best regards,
> Budanov Eugene
>
The relevant parts of my config is below:
postgresql.conf:
listen_addresses = '*'
krb_server_keyfile = '/etc/postgresql/postgres.keytab'
krb_caseins_users = on
pg_hba.conf:
host all all 0.0.0.0/0 gss
ktutil -k /etc/postgresql/postgres.keytab list gives:
Vno Type Principal
Aliases
1 aes256-cts-hmac-sha1-96 postgres/intranet(dot)kzsdabas(dot)hu(at)KZSDABAS(dot)HU
1 des3-cbc-sha1 postgres/intranet(dot)kzsdabas(dot)hu(at)KZSDABAS(dot)HU
1 arcfour-hmac-md5 postgres/intranet(dot)kzsdabas(dot)hu(at)KZSDABAS(dot)HU
The service is running on a debian squeeze box, the rest of the settings
are unrelated.
Regards
Geza
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Manoj Govindassamy | 2012-01-11 21:50:48 | PG synchronous replication and unresponsive slave |
| Previous Message | Eugene Budanov | 2012-01-11 06:44:16 | Re: Kerberized login to Postgres database |