Participants
A. Kretschmer
A. Kretschmer
Magnus Hagander
Magnus Hagander
Bohdan Linda
Bohdan Linda
Attachments
Show all attachments
Thread Outline
#1A. KretschmerA. Kretschmer
Sep 21, 2005
#2Magnus HaganderMagnus Haganderto A. Kretschmer (#1)
Sep 21, 2005
#3Bohdan LindaBohdan Lindato A. Kretschmer (#1)
Sep 21, 2005

Re: pgclient hostbased authentication

Started by A. Kretschmerover 20 years ago3 messagesgeneral
Jump to latest
#1A. Kretschmer
A. Kretschmer
akretschmer@despammed.com

am 21.09.2005, um 15:53:45 +0200 mailte Bohdan Linda folgendes:

Hello,

may I ask, how(or which) ip is checked against pg_hba.conf IP entry in NAT
environment?

Could it be, that psql client packs IP address of the client into athentication data?

No. Why? Describe your problem.

pg_hba.conf can only see the packet source-ip.

Regards, Andreas
--
Andreas Kretschmer (Kontakt: siehe Header)
Heynitz: 035242/47212, D1: 0160/7141639
GnuPG-ID 0x3FFF606C http://wwwkeys.de.pgp.net
=== Schollglas Unternehmensgruppe ===

Import Notes
Reply to msg id not found: 20050921135345.GA11149@bafster.chello.upc.czReference msg id not found: 20050921135345.GA11149@bafster.chello.upc.cz
#2Magnus Hagander
Magnus Hagander
magnus@hagander.net
In reply to: A. Kretschmer (#1)

Hello,

may I ask, how(or which) ip is checked against pg_hba.conf IP
entry in NAT environment?

Could it be, that psql client packs IP address of the client
into athentication data?

No, it validates the source address on the TCP connection. In the event
of NAT, it will check the NATted address.

//Magnus

Import Notes
Resolved by subject fallback
#3Bohdan Linda
Bohdan Linda
bohdan.linda@seznam.cz
In reply to: A. Kretschmer (#1)

No. Why? Describe your problem.

I have got response like bellow, when connecting to server in completely
different network than 172.x.x.x
--------------
org.postgresql.util.PSQLException: Connection rejected: FATAL: no
pg_hba.conf entry for host "172.x.x.x", user "XxXxXx", database
"yYyYyY", SSL off

Regards,
Bohdan

← Back to Topics