From: | Russell Smith <mr-russ(at)pws(dot)com(dot)au> |
---|---|
To: | Tom Allison <tom(at)tacocat(dot)net> |
Cc: | pgsql-general(at)postgresql(dot)org |
Subject: | Re: pg_hba.conf |
Date: | 2006-11-20 11:55:40 |
Message-ID: | 456197BC.10103@pws.com.au |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Tom Allison wrote:
> Russell Smith wrote:
>> Tom Allison wrote:
>>> Ran into a mystery that I can't seem to figure out....
>>>
>>>
>>> I want to authenticate using SSL for all external IP addresses that
>>> I have in my subnet. I also want to be able to authenticate via
>>> non-SSL for localhost (not unix socket).
>>>
>>> I thought something like this would work:
>>>
>>> host all all 127.0.0.1/32 md5
>>> hostssl all all 192.168.0.1/24 md5
>>>
>>> But I have a localhost client that can't log in because it keeps
>>> trying to authenticate via SSL.
>>>
>>> What am I doing wrong? It seems simple enough.
>> What command are you typing?
>>
>> #nonssl
>> postgres$ psql -h localhost postgres
>> #ssl
>> postgres$ psql -h 192.168.1.1 postgres
>>
>
> psql -h localhost
>
> My "other" client is actually postfix and that's also specified as
> 'localhost'.
>
> I suppose you are going to tell me that there is a difference here?
> I've always assumed you had to use network IP ranges, not DNS like
> names (albeit localhost is a special case).
All good, it makes no difference.
try
hostnossl all all 127.0.0.1/32 md5
that should force non ssl for localhost connections, as long as there
are no entries before this one for localhost.
Hope that helps.
>
> ---------------------------(end of broadcast)---------------------------
> TIP 9: In versions below 8.0, the planner will ignore your desire to
> choose an index scan if your joining column's datatypes do not
> match
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | S.Balaji | 2006-11-20 12:07:25 | BUG #2772: Undefined Subroutine Pg::connectdb (" "); |
Previous Message | Tom Allison | 2006-11-20 11:29:22 | Re: pg_hba.conf |