Thread: Need help in enabling remote connection
Hi,
I want a postgres client to be able to connect to a postgres sever on a remote machine. But i'm not able to make it work. Assume both the machines are on a LAN 10.0.0.* .Following available advice, this is what i did:
I want a postgres client to be able to connect to a postgres sever on a remote machine. But i'm not able to make it work. Assume both the machines are on a LAN 10.0.0.* .Following available advice, this is what i did:
-- In pg_hba.conf, i added the line
host all all 10.0.0.1/24 trust
-- In postgresql.conf, i added the line
listen_addresses = 10.0.0.*
-- Restarted the server with the cmd
./pg_ctl -D <data_folder> reload
This doesn't work. What else should i do to make remote connection work?
I'm lost! Please help!
Thanks a lot,
Shruthi
Hello,
I think you make mistake writing "listen_addresses = 10.0.0.*". I doubt it can be done like this... Try "listen_addresses = '*'" first. Also see, that addresses are in form '10.0.0.1' and not 10.0.0.1. (use ' )
If this doesn't help try telneting server (port 5432) from client mashine. Maybe theres a firewall in between??
2009.11.02 15:26, Shruthi A rašė:
I think you make mistake writing "listen_addresses = 10.0.0.*". I doubt it can be done like this... Try "listen_addresses = '*'" first. Also see, that addresses are in form '10.0.0.1' and not 10.0.0.1. (use ' )
If this doesn't help try telneting server (port 5432) from client mashine. Maybe theres a firewall in between??
2009.11.02 15:26, Shruthi A rašė:
Hi,
I want a postgres client to be able to connect to a postgres sever on a remote machine. But i'm not able to make it work. Assume both the machines are on a LAN 10.0.0.* .Following available advice, this is what i did:
-- In pg_hba.conf, i added the line
host all all 10.0.0.1/24 trust
-- In postgresql.conf, i added the line
listen_addresses = 10.0.0.*
-- Restarted the server with the cmd
./pg_ctl -D <data_folder> reload
This doesn't work. What else should i do to make remote connection work?
I'm lost! Please help!
Thanks a lot,
Shruthi
-- Julius Tuskenis Programavimo skyriaus vadovas UAB nSoft mob. +37068233050
Attachment
2009/11/2 Shruthi A <shruthi.iisc@gmail.com>: > Hi, > > I want a postgres client to be able to connect to a postgres sever on a > remote machine. But i'm not able to make it work. Assume both the machines > are on a LAN 10.0.0.* .Following available advice, this is what i did: > > -- In pg_hba.conf, i added the line > host all all 10.0.0.1/24 trust > > -- In postgresql.conf, i added the line > listen_addresses = 10.0.0.* Try something like this: listen_addresses = 'localhost,10.0.0.123' port = 5432 assuming 123 is the correct number for your server's IP address > -- Restarted the server with the cmd > ./pg_ctl -D <data_folder> reload > > This doesn't work. What else should i do to make remote connection work? > > I'm lost! Please help! > > Thanks a lot, > > Shruthi > -- Brian Modra Land line: +27 23 5411 462 Mobile: +27 79 69 77 082 5 Jan Louw Str, Prince Albert, 6930 Postal: P.O. Box 2, Prince Albert 6930 South Africa http://www.zwartberg.com/
host all all 10.0.0.1/24 trust >> host all all <IP/32> trust -- In postgresql.conf, i added the line listen_addresses = 10.0.0.*
|
-- In pg_hba.conf, i added the line
host all all 10.0.0.1/24 trust
-- In postgresql.conf, i added the line
listen_addresses = 10.0.0.*
-- Restarted the server with the cmd
./pg_ctl -D <data_folder> reload
This doesn't work. What else should i do to make remote connection work?
I'm lost! Please help!
Thanks a lot,
Shruthi
Connect more, do more and share more with Yahoo! India Mail. Learn more.
Hi all,
Thanks a lot for all your replies. The problem is solved now. This is the correct thing to do: listen_addresses = '*'
And then restart the service.
Additional notes:
-- Remember to use single quotes around the * else it will give syntax error.
-- The listen_addresses parameter specifies the client addresses, and not the server.
-- Once this service is started, telneting the server on the given port successfully connects.
-- Dear Ian Lea, i guess 10.0.0.1/24 is the same as 10.0.0.0/24 as the mask '24' means that the first 3 octets (24 bits from the left hand side) must match ie both mean simply 10.0.0.*
-- And i think 'trust' should be fine assuming that this will be used on an isolated network with a few trusted machines or a secure network where a firewall protects a given set of ports.
-- Dear Brian Modra, i guess listen_addresses = 'localhost,10.0.0.123' will give error. It should be written as listen_addresses = 'localhost','10.0.0.123' that is each IP should be quoted separately.
Thanks again,
Shruthi
Thanks a lot for all your replies. The problem is solved now. This is the correct thing to do: listen_addresses = '*'
And then restart the service.
Additional notes:
-- Remember to use single quotes around the * else it will give syntax error.
-- The listen_addresses parameter specifies the client addresses, and not the server.
-- Once this service is started, telneting the server on the given port successfully connects.
-- Dear Ian Lea, i guess 10.0.0.1/24 is the same as 10.0.0.0/24 as the mask '24' means that the first 3 octets (24 bits from the left hand side) must match ie both mean simply 10.0.0.*
-- And i think 'trust' should be fine assuming that this will be used on an isolated network with a few trusted machines or a secure network where a firewall protects a given set of ports.
-- Dear Brian Modra, i guess listen_addresses = 'localhost,10.0.0.123' will give error. It should be written as listen_addresses = 'localhost','10.0.0.123' that is each IP should be quoted separately.
Thanks again,
Shruthi
On Mon, Nov 2, 2009 at 6:56 PM, Shruthi A <shruthi.iisc@gmail.com> wrote:
Hi,
I want a postgres client to be able to connect to a postgres sever on a remote machine. But i'm not able to make it work. Assume both the machines are on a LAN 10.0.0.* .Following available advice, this is what i did:-- In pg_hba.conf, i added the line
host all all 10.0.0.1/24 trust-- In postgresql.conf, i added the line
listen_addresses = 10.0.0.*-- Restarted the server with the cmd
./pg_ctl -D <data_folder> reload
This doesn't work. What else should i do to make remote connection work?I'm lost! Please help!
Thanks a lot,
Shruthi
On Tue, Nov 3, 2009 at 1:53 AM, Shruthi A <shruthi.iisc@gmail.com> wrote: > Hi all, > > Thanks a lot for all your replies. The problem is solved now. This is the > correct thing to do: listen_addresses = '*' > And then restart the service. > > Additional notes: > -- Remember to use single quotes around the * else it will give syntax > error. > -- The listen_addresses parameter specifies the client addresses, and not > the server. No, the listen_address specifies which SERVER ip address to listen on. * means to listen on all interfaces. You can pick individual interfaces to listen on on the server by changing * to one of a server's IP addresses. > -- Once this service is started, telneting the server on the given port > successfully connects. > -- Dear Ian Lea, i guess 10.0.0.1/24 is the same as 10.0.0.0/24 as the > mask '24' means that the first 3 octets (24 bits from the left hand side) > must match ie both mean simply 10.0.0.* Actually 10.0.0.0/24 means that the right hand 24 bits don't matter, so anything starting with 10. will match. > -- And i think 'trust' should be fine assuming that this will be used on an > isolated network with a few trusted machines or a secure network where a > firewall protects a given set of ports. Exactly. Most databases used by an application are firewalled off in such a way that having strict passworded access just moves the place your vulnerable to db hacking from the db to the app. > -- Dear Brian Modra, i guess listen_addresses = 'localhost,10.0.0.123' > will give error. It should be written as listen_addresses = > 'localhost','10.0.0.123' that is each IP should be quoted separately. Yep. same is true for things like search_path. Glad you're up and running. Hope you're having fun with your db.
Scott Marlowe <scott.marlowe@gmail.com> wrote: >> -- Dear Ian Lea, i guess 10.0.0.1/24 is the same as 10.0.0.0/24 >> as the mask '24' means that the first 3 octets (24 bits from the >> left hand side) must match ie both mean simply 10.0.0.* > > Actually 10.0.0.0/24 means that the right hand 24 bits don't matter, > so anything starting with 10. will match. I think you're mistaken on that. The comment in pg_hbs.conf matches everything else I can find on the topic: # CIDR-ADDRESS specifies the set of hosts the record matches. # It is made up of an IP address and a CIDR mask that is an integer # (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies # the number of significant bits in the mask. -Kevin
On Tue, Nov 3, 2009 at 11:26 AM, Kevin Grittner <Kevin.Grittner@wicourts.gov> wrote: > Scott Marlowe <scott.marlowe@gmail.com> wrote: > >>> -- Dear Ian Lea, i guess 10.0.0.1/24 is the same as 10.0.0.0/24 >>> as the mask '24' means that the first 3 octets (24 bits from the >>> left hand side) must match ie both mean simply 10.0.0.* >> >> Actually 10.0.0.0/24 means that the right hand 24 bits don't matter, >> so anything starting with 10. will match. > > I think you're mistaken on that. The comment in pg_hbs.conf matches > everything else I can find on the topic: > > # CIDR-ADDRESS specifies the set of hosts the record matches. > # It is made up of an IP address and a CIDR mask that is an integer > # (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies > # the number of significant bits in the mask. Yeap, got it backwards. Thanks.
On Tue, November 3, 2009 10:10, Scott Marlowe wrote: > On Tue, Nov 3, 2009 at 1:53 AM, Shruthi A <shruthi.iisc@gmail.com> wrote: >> Hi all, >> >> -- Once this service is started, telneting the server on the given port >> successfully connects. >> -- Dear Ian Lea, i guess 10.0.0.1/24 is the same as 10.0.0.0/24 as the >> mask '24' means that the first 3 octets (24 bits from the left hand >> side) >> must match ie both mean simply 10.0.0.* > > Actually 10.0.0.0/24 means that the right hand 24 bits don't matter, > so anything starting with 10. will match. > Actually, it is the 24 left-most bits that matter, so this sets up a network of 24 bits with 255 hosts that can connect. I wasn't sure of this, so I just verified it with one of our network engineers at work. Tim -- Timothy J. Bruce Registered Linux User #325725