ERROR: (host) should be replaced by (hostnogssenc).

Started by PG Bug reporting formalmost 6 years ago2 messagesdocs

Jump to latest

PG Bug reporting form

noreply@postgresql.org

almost 6 years ago

The following documentation comment has been logged on the website:

Page: https://www.postgresql.org/docs/12/encryption-options.html
Description:

Chapter 18. Server Setup and Operation
18.8. Encryption Options

Under the topic "Encrypting Data Across A Network", I think there seems to
be a documentation error.

ERROR: (host) should be replaced by (hostnogssenc).

The pg_hba.conf file allows administrators to specify which hosts can use
non-encrypted connections (host) and which require GSSAPI-encrypted
connections (hostgssenc). Also, clients can specify that they connect to
servers only on GSSAPI-encrypted connections (gssencmode=require).

Thanks,
Raj Kumar

Tom Lane

tgl@sss.pgh.pa.us

almost 6 years ago

In reply to: PG Bug reporting form (#1)

Re: ERROR: (host) should be replaced by (hostnogssenc).

PG Doc comments form <noreply@postgresql.org> writes:

Under the topic "Encrypting Data Across A Network", I think there seems to
be a documentation error.

ERROR: (host) should be replaced by (hostnogssenc).

The pg_hba.conf file allows administrators to specify which hosts can use
non-encrypted connections (host) and which require GSSAPI-encrypted
connections (hostgssenc). Also, clients can specify that they connect to
servers only on GSSAPI-encrypted connections (gssencmode=require).

I think it's correct as it stands. hostnogssenc would have the semantics
"hosts that MUST use non-encrypted connections".

If that were actually a useful option, maybe it would be worth lengthening
this description to mention all three options ... but it seems OK as-is to
me.

regards, tom lane