User authentication blues

Started by Maarten Boekhold almost 28 years ago | 4 messages | general
#1 Maarten Boekhold
maartenb@dutepp0.et.tudelft.nl

Hi,

I have a 6.3.2 server, and I want to use password authentication.
So, I gave the user 'postgres' and some other user a password, and I put this
in my pg_hba.conf:

host all 127.0.0.1 255.255.255.255 password
host all 206.31.72.11 255.255.255.255 password

But I cannot connect this way using a password (psql -u). I can connect
if I set everything to 'trust', but in that case I can even fool
PostgreSQL into thinking I'm user postgres while I'm logged on as the other
user by using password authentication and using 'postgres' as username
while supplying a fake password.

Am I doing something wrong here?

Maarten

_____________________________________________________________________________
| TU Delft, The Netherlands, Faculty of Information Technology and Systems |
| Department of Electrical Engineering |
| Computer Architecture and Digital Technique section |
| M.Boekhold@et.tudelft.nl |
-----------------------------------------------------------------------------

#2 Jeffrey Napolitano
jnapoli@setech.com
In reply to: Maarten Boekhold (#1)
Re: [GENERAL] User authentication blues

Your pg_hba.conf listing does not include a password FILE - the format
is:

host  allowedDB's  IPaddys  mask  AUTHTYPE       PASSWORDFILE
                                  (such as       (such as
                                  "password",    "mypasswords")
                                  "trust", etc)
--
When I was seven years old, I was once reprimanded by my mother for an
act of collective brutality in which I had been involved at school. A
group of seven-year-olds had been teasing and tormenting a
six-year-old. "It is always so," my mother said. "You do things
together which not one of you would think of doing alone." ...
Wherever one looks in the world of human organization, collective
responsibility brings a lowering of moral standards. The military
establishment is an extreme case, an organization which seems to have
been expressly designed to make it possible for people to do things
together which nobody in his right mind would do alone.
-- Freeman Dyson, "Weapons and Hope"

Jeffrey Napolitano
Lowly Intern
Software Emancipation Technology

Maarten Boekhold wrote:


> Hi,
>
> I have a 6.3.2 server, and I want to use password authentication.
> So, I gave the user 'postgres' and some other user a password, and I put this
> in my pg_hba.conf:
>
> host all 127.0.0.1 255.255.255.255 password
> host all 206.31.72.11 255.255.255.255 password
>
> But I cannot connect this way using a password (psql -u). I can connect
> if I set everything to 'trust', but in that case I can even fool
> PostgreSQL into thinking I'm user postgres while I'm logged on as the other
> user by using password authentication and using 'postgres' as username
> while supplying a fake password.
>
> Am I doing something wrong here?
>
> Maarten


#3 Maarten Boekhold
maartenb@dutepp0.et.tudelft.nl
In reply to: Jeffrey Napolitano (#2)
Re: [GENERAL] User authentication blues

On Thu, 30 Jul 1998, Jeffrey Napolitano wrote:

> Your pg_hba.conf listing does not include a password FILE - the format
> is:
>
> host  allowedDB's  IPaddys  mask  AUTHTYPE       PASSWORDFILE
>                                   (such as       (such as
>                                   "password",    "mypasswords")
>                                   "trust", etc)

AFAIK in the newer versions of PostgreSQL (6.3.2) this is not needed
anymore because the password is stored in a system table (pg_shadow, only
readable by the postgres superuser).

Maarten


#4 Maarten Boekhold
maartenb@dutepp2.et.tudelft.nl
In reply to: Maarten Boekhold (#1)
Re: [GENERAL] User authentication blues

On Thu, 30 Jul 1998, Maarten Boekhold wrote:

> Hi,
>
> I have a 6.3.2 server, and I want to use password authentication.
> So, I gave the user 'postgres' and some other user a password, and I put this
> in my pg_hba.conf:
>
> host all 127.0.0.1 255.255.255.255 password
> host all 206.31.72.11 255.255.255.255 password
>
> But I cannot connect this way using a password (psql -u). I can connect
> if I set everything to 'trust', but in that case I can even fool
> PostgreSQL into thinking I'm user postgres while I'm logged on as the other
> user by using password authentication and using 'postgres' as username
> while supplying a fake password.

I've figured out that if I use authtype 'crypt' in pg_hba.conf I can
connect to a database. I don't have to specify 'authtype=crypt' in my
Perl script, 'authtype=passwd' works just fine. Only, I cannot use this
to connect from older clients (i.e. a 6.2 system). Too bad.....

Maarten

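
An added example, not part of the original thread: a small audit of pg_hba.conf `host` lines in the layout quoted above (record type, database, IP address, mask, auth type), flagging the 'trust' entries that message #1 describes as accepting any claimed user name, and 'password' entries. The function name, the severity labels and the sample lines are constructed for illustration; that 'password' sends the password in clear text is general PostgreSQL behaviour, not something the thread states.

```python
import ipaddress

# Constructed sample in the layout used in the thread:
# host DBNAME IP_ADDRESS ADDRESS_MASK AUTHTYPE [AUTH_ARGUMENT]
SAMPLE_HBA = """\
# comment lines and blank lines are ignored
host all 127.0.0.1    255.255.255.255 trust
host all 206.31.72.11 255.255.255.255 password
host all 206.31.72.0  255.255.255.0   crypt
host all 0.0.0.0      0.0.0.0         trust
host all 10.0.0.1     255.255.255.255
"""

# Assumed severity labels for this example, not PostgreSQL terminology.
FINDINGS = {
    "trust": ("high", "no credential check: any claimed user name is accepted"),
    "password": ("medium", "password crosses the network in clear text"),
}


def audit_hba(text):
    """Return a list of (line_no, severity, network, message) findings."""
    results = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if fields[0] != "host":
            continue  # only the TCP/IP record type shown in the thread
        if len(fields) < 5:
            results.append((line_no, "error", None, "missing auth type"))
            continue
        _, _db, addr, mask, authtype = fields[:5]
        try:
            net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        except ValueError:
            results.append((line_no, "error", None, "bad address or mask"))
            continue
        if authtype in FINDINGS:
            severity, message = FINDINGS[authtype]
            # A trust rule covering more than one host widens the exposure.
            if authtype == "trust" and net.num_addresses > 1:
                severity = "critical"
            results.append((line_no, severity, str(net), message))
    return results


if __name__ == "__main__":
    print(*audit_hba(SAMPLE_HBA), sep="\n")
```

Lines using 'crypt' produce no finding here, matching the setting message #4 ended up with.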