| From: | Atul Kumar <akumar14871(at)gmail(dot)com> |
|---|---|
| To: | Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com> |
| Cc: | Ron Johnson <ronljohnsonjr(at)gmail(dot)com>, pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: strange behavior of pg_hba.conf file |
| Date: | 2023-11-22 17:44:12 |
| Message-ID: | CA+ONtZ7RZs8YvrXO68K=txJyHi4VGQVA6aYzuwT-6cN3642WRg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
I am giving this command
psql -d postgres -U postgres -p 5432 -h localhost
Then only I get that error.
but when I pass ip or hostname of the local server then I don't get such
error message
1. psql -d postgres -U postgres -p 5432 -h <ip of local server>
2. psql -d postgres -U postgres -p 5432 -h <hostname of local server>
I don;t get that error while using the above two commands.
Regards.
On Wed, Nov 22, 2023 at 10:45 PM Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com>
wrote:
> On 11/22/23 09:03, Atul Kumar wrote:
> > The entries that I changed were to replace the md5 with scram-sha-256
> > and remove unnecessary remote IPs.
>
> FYI from:
>
> https://www.postgresql.org/docs/current/auth-password.html
>
> md5
>
> The method md5 uses a custom less secure challenge-response
> mechanism. It prevents password sniffing and avoids storing passwords on
> the server in plain text but provides no protection if an attacker
> manages to steal the password hash from the server. Also, the MD5 hash
> algorithm is nowadays no longer considered secure against determined
> attacks.
>
> The md5 method cannot be used with the db_user_namespace feature.
>
> To ease transition from the md5 method to the newer SCRAM method,
> if md5 is specified as a method in pg_hba.conf but the user's password
> on the server is encrypted for SCRAM (see below), then SCRAM-based
> authentication will automatically be chosen instead.
>
> >
> > But it has nothing to do with connecting the server locally with "psql
> > -d postgres -U postgres -h localhost"
>
> The error:
>
> no pg_hba.conf entry for host "::1", user "postgres", database "postgres
>
>
> says it does and the error is correct as you do not have an IPv6 entry
> for localhost in pg_hba.conf. At least in the snippet you showed us.
>
>
> >
> > But when I try to connect it locally I get this error. So it is related
>
> When you say connect locally do you mean to localhost or to local(socket)?
>
> > to local connections only and when I pass the hostname or ip of the
> > server it works fine without any issue.
> >
> >
> > Regards.
> >
>
> --
> Adrian Klaver
> adrian(dot)klaver(at)aklaver(dot)com
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andreas Kretschmer | 2023-11-22 17:55:23 | Re: strange behavior of pg_hba.conf file |
| Previous Message | Achilleas Mantzios | 2023-11-22 17:38:50 | Re: Removing oids with pg_repack |