password-less access, without using pg_hba
I'd like to provide public access, without a password, to a database hosted
on Amazon RDS.
I'm familiar with using pg_hba.conf to enable trust (no) authentication for
a user. pg_hba.conf is not available to DBAs on RDS.
Is there any other way to achieve password-less login in postgresql? I
tried alter user password NULL.
Thanks,
Reece
Reece Hart wrote
I'd like to provide public access, without a password, to a database
hosted
on Amazon RDS.I'm familiar with using pg_hba.conf to enable trust (no) authentication
for
a user. pg_hba.conf is not available to DBAs on RDS.Is there any other way to achieve password-less login in postgresql? I
tried alter user password NULL.Thanks,
Reece
Doubtful.
You need to give people the correct server ip and user anyway so why not
just give them a password at the same time?
If you are trying to do some automated scripting there are other, better,
solutions than disabling the password requirement. Especially on a
public-visible server.
David J.
--
View this message in context: http://postgresql.1045698.n5.nabble.com/password-less-access-without-using-pg-hba-tp5790947p5790948.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On 2/6/2014 6:07 PM, Reece Hart wrote:
I'd like to provide public access, without a password, to a database
hosted on Amazon RDS.I'm familiar with using pg_hba.conf to enable trust (no)
authentication for a user. pg_hba.conf is not available to DBAs on RDS.Is there any other way to achieve password-less login in postgresql? I
tried alter user password NULL.
.pgpass is supported by any libpq based client.
--
john r pierce 37N 122W
somewhere on the middle of the left coast
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On Thu, Feb 6, 2014 at 6:37 PM, David Johnston <polobo@yahoo.com> wrote:
Doubtful.
Yeah, that's what I had assumed too.
The question is motivated entirely by what I think would make it easier for
users. In principle it's not difficult to give people a password (as I do
now), but in practice it's a barrier that I'd like to eliminate.
-Reece
Reece Hart wrote
On Thu, Feb 6, 2014 at 6:37 PM, David Johnston <
polobo@
> wrote:
Doubtful.
Yeah, that's what I had assumed too.
The question is motivated entirely by what I think would make it easier
for
users. In principle it's not difficult to give people a password (as I do
now), but in practice it's a barrier that I'd like to eliminate.-Reece
If your users are connecting directly to a PostgreSQL database then the
presence or absence of a password has no significant impact on usability.
They have learned SQL and can interact with databases and likely expect to
need a password anyway. Usually developers make things easier by writing
software that the users interact with instead of the database...
David J.
--
View this message in context: http://postgresql.1045698.n5.nabble.com/password-less-access-without-using-pg-hba-tp5790947p5790966.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On Thu, Feb 6, 2014 at 6:37 PM, David Johnston <polobo@yahoo.com> wrote:
Doubtful.
Yeah, that's what I had assumed too.
The question is motivated entirely by what I think would make it easier for
users. In principle it's not difficult to give people a password (as I do
now), but in practice it's a barrier that I'd like to eliminate.
+1. I told Amazon's RDS guy in Japan that it is a major pain for
PostgreSQL users to not be able to touch pg_hba.conf.
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On 02/06/2014 06:07 PM, Reece Hart wrote:
I'd like to provide public access, without a password, to a database
hosted on Amazon RDS.I'm familiar with using pg_hba.conf to enable trust (no)
authentication for a user. pg_hba.conf is not available to DBAs on RDS.Is there any other way to achieve password-less login in postgresql? I
tried alter user password NULL.
Ignoring the scary security issues....
If you can't access pg_hba.conf how about just sticking pgbouncer or
similar in the middle and have your users connect through that?
Cheers,
Steve
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
On Fri, Feb 7, 2014 at 8:27 AM, Steve Crawford <
scrawford@pinpointresearch.com> wrote:
Ignoring the scary security issues....
One of the niceties of an RDS deployment is that I don't care much about
the security issues: The machine is not in our VPC, there's only public
data on it, and I presume that AWS has isolated the instance to their
satisfaction. From my point of view, it's an ideal way to make data public
and way better than running it ourselves.
If you can't access pg_hba.conf how about just sticking pgbouncer or
similar in the middle and have your users connect through that?
I like the pgbouncer idea in principle, but it means more work for me that
I'm not willing to take on for this use.
Thanks everyone for the input. I'll stick with an advertised password.
-Reece