Re: correct config (and syntax) for remote access - Mailing list pgsql-novice

From Bob McConnell
Subject Re: correct config (and syntax) for remote access
Date
Msg-id 49BED5D1.4090803@lightlink.com
In response to Re: correct config (and syntax) for remote access  (P Kapat <kap4lin@gmail.com>)
Responses Re: correct config (and syntax) for remote access  (P Kapat <kap4lin@gmail.com>)
List pgsql-novice
P Kapat wrote:
> On Sun, Mar 15, 2009 at 9:08 AM, Bob McConnell <rmcconne@lightlink.com> wrote:
>> P Kapat wrote:
>>> Host A (IP : 1.2.3.4) has the 8.1.11 postgres server running. I want
>>> to set it up so that I can connect from Host B (IP 5.6.7.8).
>>>
>>> Relevant lines from /var/lib/pgsql/data/pg_hba.conf (on host A)
>>> local   all         postgres                          ident sameuser
>>> local   all         all                               ident sameuser
>>> host    all         all         127.0.0.1/32          md5
>>> host    all         foouser      5.6.7.8/32       md5
>>>
>>> Relevant lines from /var/lib/pgsql/data/postgresql.conf (on host A):
>>> listen_addresses = 'localhost,5.6.7.8'
>>>
>>> Will this work? The firewall has 5432 port open for connection between A
>>> and B.
>>>
>> Not quite. The listen_addresses should be 'localhost,1.2.3.4'. localhost is
>> 127.0.0.1, which can be reached by any process on that machine. The other
>> address is the TCP/IP address for the interface you want postgres to receive
>> connections on. It has to be an address on the same computer as your server.
>> i.e. one that shows up when you run 'ifconfig' on that box. It is probably
>> easier to just use '*' unless you have multiple network interfaces.
>>
>> Don't forget to restart the server after you change those files.
>
> @Peter, Bob: Thanks. I had a wrong notion of "listen_addresses"!
> Everything works fine now...
>
> One final question: Is there any "security" related difference
> between, listen_addresses='localhost, 1.2.3.4' and
> listen_addresses='*' that I should be aware of? There is only one
> network card on the server machine, so does it matter?
>

AFAICT, when you run 'ifconfig' you get a list of all the interfaces
that will be able to access the server when you use '*'. As long as you
only have the one NIC and the loopback device, it shouldn't make any
difference. But as soon as you add another NIC, configure a VM, or
define a TUN or TAP device for a VPN, etc., you might want to limit the
connection list just to minimize the load from that traffic. However,
the actual security is set up in pg_hba.conf.

Bob McConnell
N2SPP
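
The split discussed in this thread, as an added example that is not part of the original messages or of PostgreSQL: listen_addresses only selects which of the server's own interfaces accept TCP connections, while the first matching host line in pg_hba.conf decides whether a given client and user may authenticate. The function names and the simplified matching (CIDR-form addresses, "all" or an exact name for database and user) are assumptions of this sketch.

```python
import ipaddress

# Constructed sample: the pg_hba.conf lines quoted in the thread.
HBA = """\
local   all         postgres                          ident sameuser
local   all         all                               ident sameuser
host    all         all         127.0.0.1/32          md5
host    all         foouser     5.6.7.8/32            md5
"""

def bad_listen_entries(listen_addresses, server_ips):
    """Return listen_addresses entries that are not addresses of this server."""
    bad = []
    for entry in (e.strip() for e in listen_addresses.split(",")):
        if not entry or entry in ("*", "localhost") or entry in server_ips:
            continue
        bad.append(entry)  # e.g. a client's address, which cannot be bound
    return bad

def hba_method(hba_text, user, client_ip, database="postgres"):
    """Return the auth method of the first matching host rule, else None."""
    addr = ipaddress.ip_address(client_ip)
    for line in hba_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 5 or fields[0] != "host":
            continue  # skip blanks, comments and Unix-socket ("local") rules
        _, db, rule_user, cidr, method = fields[:5]
        if db not in ("all", database) or rule_user not in ("all", user):
            continue
        if addr in ipaddress.ip_network(cidr, strict=False):
            return method  # first match wins; later rules are not consulted
    return None  # no rule matched: the connection is rejected

if __name__ == "__main__":
    server_ips = {"127.0.0.1", "1.2.3.4"}  # what ifconfig would list on host A
    for value in ("localhost,5.6.7.8", "localhost, 1.2.3.4", "*"):
        print(repr(value), "-> not local:", bad_listen_entries(value, server_ips))
    # Even with '*', only the client/user pairs listed in pg_hba.conf get in.
    for user, ip in (("foouser", "5.6.7.8"), ("postgres", "5.6.7.8"),
                     ("foouser", "9.9.9.9")):
        print(user, ip, "->", hba_method(HBA, user, ip) or "rejected")
```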
