From: | Zahid Rahman <zahidr1000(at)gmail(dot)com> |
---|---|
To: | Stephen Frost <sfrost(at)snowman(dot)net> |
Cc: | pgsql-novice(at)lists(dot)postgresql(dot)org |
Subject: | Re: Health warning: |
Date: | 2019-12-17 22:28:46 |
Message-ID: | CAPGSW3S-VnmuTjKJ48CZ7Ho-6jk2DAHUFZGX_J8W3FNB3rnQbQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-novice |
> I don't recommend doing so because it's very insecure.
Sir, nothing is really secure.
There is at least one person with full privileges.
On Tue, 17 Dec 2019, 21:41 Stephen Frost, <sfrost(at)snowman(dot)net> wrote:
> Greetings,
>
> * Zahid Rahman (zahidr1000(at)gmail(dot)com) wrote:
> > You have to set to trust from peer the first time you download and
> install
> > postgres.
> > Because there is no default password.
> > After you create a password.
> > Then you can reset from trust.
>
> No- peer auth allows the "postgres" unix user, which is the user that
> the database runs as, to connect.
>
> To do so, you would first "sudo su - postgres" and then run psql, and
> then you'll be able to connect without any need for a password. This is
> exactly what 'peer' auth is for and how it works and it's quite secure.
>
> There's no need to ever change the authentication method to be 'trust'
> and I don't recommend doing so because it's very insecure.
>
> > You also have to reboot your computer each time you change
> > etc/postgresql/12/main/pg_hba.conf.
> > at the very least restart the database.
>
> You don't have to restart the computer or the database when changes are
> made to pg_hba.conf- you just need to issue a "reload".
>
> Thanks,
>
> Stephen
>
From | Date | Subject | |
---|---|---|---|
Next Message | Zahid Rahman | 2019-12-17 23:47:25 | Re: Health warning: |
Previous Message | Zahid Rahman | 2019-12-17 21:48:18 | Re: Health warning: |