You can add a filename to the "password" keyword. Thsi filename contains the username/crypted password of the users you
wantto be able to connect from the servip to the dbX.
The lines in pg_hba looks like :
host bd1 serverip1 netmask password password.username1
host bd2 serverip2 netmask password password.username2
You can create the "password.*" files using the pg_passwd command.
This way, passwords are stored in files rather than in the pg_shadow table, and you cannot use the "crypt" authmode.
It seems that ODBC access from remote workstations can't use the crypt authmode, so it is not a real problem. Can
someonetell me if it's true ?
Second problem : you must set the suer password in both the pg_shadow table (using psql), and the passwd.* files (using
pg_passwd).
Yours,
Nicolas Huillard
-----Message d'origine-----
De: Mark Jewiss [SMTP:Mark.Jewiss@knowledge.com]
Date: jeudi 14 octobre 1999 16:50
À: pgsql-general@postgreSQL.org
Objet: [GENERAL] Another access control query
Hello,
Similar to other questions I've seen posed in the last day or so,
apologies if this exact question has been asked, I don't think it has.
I want to restrict access to a set of databases to connections from a
specfic machine and a specific user.
Lines in my pg_hba.conf file are similar to this:
host db1 serverip netmask password
Effectively what I want to do is have something like:
host db1 username1 serverip netmask password
host db2 username2 serverip netmask password
thereby ensuring that it is not possible for user2 to connect to db1 from
the same machine.
I know I can set up the different db's so that table security only gives
any access to the user I want, but that is fiddly. Being able to do the
above and prevent connections to the database will resolve that issue.
Any ideas?
Regards,
Mark.
--
Mark Jewiss
Knowledge Matters Limited
http://www.knowledge.com
************
