simple md5 authentication problems

On 5 May 2006 02:22:32 -0700, robert <robertlazarski@gmail.com> wrote:

Hi all, hope this is the right list.

I have postgres 8.1 running on linux. We have tests that mostly run on
windows. I want to run these tests on linux.

On these windows boxes, pg_hba.conf has just one line:

host all all 127.0.0.1/32 md5

They use 'postgres' as the user and password to connect to a db.

I couldn't start postgres on linux with just that line, so on linux I
have:

# "local" is for Unix domain socket connections only
local all all ident sameuser
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 ident sameuser

I created my db as:
postgres=# CREATE DATABASE maragato_test OWNER postgres;

I seem to have a user 'postgres' - I'm using the default.

postgres=# SELECT * FROM "pg_user";
usename | usesysid | usecreatedb | usesuper | usecatupd | passwd |
valuntil | useconfig
----------+----------+-------------+----------+-----------+----------+----------+-----------
postgres | 10 | t | t | t | ******** |
|

However, I get this error:

/home/postgres> psql -h localhost maragato_test postgres
Password for user postgres:
psql: FATAL: autenticação do tipo password falhou para usuário
"postgres"

Sorry - couldn't get local en_US working. That translates to:
Authentication of type password failed for user postgres. I think that
means 'ident password' . I tried to connect with java and I get the
same error.

I just need to connect to db 'maragato_test' on local host using
'postgres´ as the user and password, using md5.

Try '-h 127.0.0.1' rather than 'localhost' - it's still seeing the
connection as coming through the socket, not through tcpip, so it's
matching the "ident" rule.

--
Postgresql & php tutorials
http://www.designmagick.com/

Thanks for the response, but changing to 127.0.0.1 didn't help.

Changing this line sets the db wide open:

host all all 127.0.0.1/32 trust

From there, another non-root login can access it with any user /

password.

What I really need is this command to work with a non-root
account, with only the right username and password - in this case the
pre-configured postgres account:

psql -U postgres -h 127.0.0.1

robert

"chris smith" escreveu:

# "local" is for Unix domain socket connections only
local all all ident sameuser
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 ident sameuser

I created my db as:
postgres=# CREATE DATABASE maragato_test OWNER postgres;

I seem to have a user 'postgres' - I'm using the default.

postgres=# SELECT * FROM "pg_user";
usename | usesysid | usecreatedb | usesuper | usecatupd | passwd |
valuntil | useconfig
----------+----------+-------------+----------+-----------+----------+----------+-----------
postgres | 10 | t | t | t | ******** |
|

However, I get this error:

/home/postgres> psql -h localhost maragato_test postgres
Password for user postgres:
psql: FATAL: autentica��o do tipo password falhou para usu�rio
"postgres"

doesn't that user have to exist since you are using ident method? that
means unix username == postgres username.
do you have a user named maragato_test on the system?
did you create that user in postgres and on the system?

On Mon, May 08, 2006 at 23:10:31 +0900,
kmh496 <kmh496@kornet.net> wrote:

doesn't that user have to exist since you are using ident method? that
means unix username == postgres username.
do you have a user named maragato_test on the system?
did you create that user in postgres and on the system?

Note that you can create custom mappings for which the unix user is not
the same as the postgres user.

Bruno Wolff III escreveu:

On Mon, May 08, 2006 at 23:10:31 +0900,
kmh496 <kmh496@kornet.net> wrote:

doesn't that user have to exist since you are using ident method? that
means unix username == postgres username.
do you have a user named maragato_test on the system?
did you create that user in postgres and on the system?

Note that you can create custom mappings for which the unix user is not
the same as the postgres user.

I don't want to use ident and the unix user name. Let me try and
simplify my question:

1) Isn't the user 'postgres' pre-configured? Running this seems to
imply so: 'select datname from pg_database;'
datname
---------------
postgres

2) Is there a way to use this user 'postgres' with a non-root unix
account _not_ named postgres? I just want _any_ method - md5, ident,
whatever, that allows access to my db with user 'postgres' from an
account called myuser1, myuser2, and myuser3. Tomorrow it might be
myuser4.

3) I'm willing to try and use custom mappings if that's the easiest way
to solve my problem.

Thanks for the help,
Robert

On Mon, May 08, 2006 at 02:10:02PM -0700, robert wrote:

1) Isn't the user 'postgres' pre-configured? Running this seems to
imply so: 'select datname from pg_database;'
datname
---------------
postgres

This demonstrates a *database* named postgres. Users are in the pg_user
table.

2) Is there a way to use this user 'postgres' with a non-root unix
account _not_ named postgres? I just want _any_ method - md5, ident,
whatever, that allows access to my db with user 'postgres' from an
account called myuser1, myuser2, and myuser3. Tomorrow it might be
myuser4.

Absolutely, though the question is obviously why. It's a superuser
account, you can create more of them if you like with createuser.

If you want to use md5, setup a line in pg_hba.conf for md5 auth from
wherever you're logging in (reload postmaster). For this to work you
might need to ALTER USER postgres WITH PASSWORD 'blah' to set the
password.

If you want to use ident (no password), setup pg_hba.conf for ident
using a mapname. You say "ident mapname" there. Then in pg_ident.conf
setup the mapping for IDENT to PGUSERNAME there. Reload postmaster.

You can use trust if you're desperate.

Hope this helps,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/