Thread: simple md5 authentication problems
Hi all, hope this is the right list.
I have postgres 8.1 running on linux. We have tests that mostly run on
windows. I want to run these tests on linux.
On these windows boxes, pg_hba.conf has just one line:
host all all 127.0.0.1/32 md5
They use 'postgres' as the user and password to connect to a db.
I couldn't start postgres on linux with just that line, so on linux I
have:
# "local" is for Unix domain socket connections only
local all all ident sameuser
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 ident sameuser
I created my db as:
postgres=# CREATE DATABASE maragato_test OWNER postgres;
I seem to have a user 'postgres' - I'm using the default.
postgres=# SELECT * FROM "pg_user";
usename | usesysid | usecreatedb | usesuper | usecatupd | passwd |
valuntil | useconfig
----------+----------+-------------+----------+-----------+----------+----------+-----------
postgres | 10 | t | t | t | ******** |
|
However, I get this error:
/home/postgres> psql -h localhost maragato_test postgres
Password for user postgres:
psql: FATAL: autenticação do tipo password falhou para usuário
"postgres"
Sorry - couldn't get local en_US working. That translates to:
Authentication of type password failed for user postgres. I think that
means 'ident password' . I tried to connect with java and I get the
same error.
I just need to connect to db 'maragato_test' on local host using
'postgres´ as the user and password, using md5.
Any ideas?
Robert
On 5 May 2006 02:22:32 -0700, robert <robertlazarski@gmail.com> wrote: > Hi all, hope this is the right list. > > I have postgres 8.1 running on linux. We have tests that mostly run on > windows. I want to run these tests on linux. > > On these windows boxes, pg_hba.conf has just one line: > > host all all 127.0.0.1/32 md5 > > They use 'postgres' as the user and password to connect to a db. > > I couldn't start postgres on linux with just that line, so on linux I > have: > > # "local" is for Unix domain socket connections only > local all all ident sameuser > # IPv4 local connections: > host all all 127.0.0.1/32 md5 > # IPv6 local connections: > host all all ::1/128 ident sameuser > > I created my db as: > postgres=# CREATE DATABASE maragato_test OWNER postgres; > > I seem to have a user 'postgres' - I'm using the default. > > postgres=# SELECT * FROM "pg_user"; > usename | usesysid | usecreatedb | usesuper | usecatupd | passwd | > valuntil | useconfig > ----------+----------+-------------+----------+-----------+----------+----------+----------- > postgres | 10 | t | t | t | ******** | > | > > However, I get this error: > > /home/postgres> psql -h localhost maragato_test postgres > Password for user postgres: > psql: FATAL: autenticação do tipo password falhou para usuário > "postgres" > > Sorry - couldn't get local en_US working. That translates to: > Authentication of type password failed for user postgres. I think that > means 'ident password' . I tried to connect with java and I get the > same error. > > I just need to connect to db 'maragato_test' on local host using > 'postgres´ as the user and password, using md5. Try '-h 127.0.0.1' rather than 'localhost' - it's still seeing the connection as coming through the socket, not through tcpip, so it's matching the "ident" rule. -- Postgresql & php tutorials http://www.designmagick.com/
Thanks for the response, but changing to 127.0.0.1 didn't help. Changing this line sets the db wide open: host all all 127.0.0.1/32 trust From there, another non-root login can access it with any user / password. What I really need is this command to work with a non-root account, with only the right username and password - in this case the pre-configured postgres account: psql -U postgres -h 127.0.0.1 robert "chris smith" escreveu: > On 5 May 2006 02:22:32 -0700, robert <robertlazarski@gmail.com> wrote: > > Hi all, hope this is the right list. > > > > I have postgres 8.1 running on linux. We have tests that mostly run on > > windows. I want to run these tests on linux. > > > > On these windows boxes, pg_hba.conf has just one line: > > > > host all all 127.0.0.1/32 md5 > > > > They use 'postgres' as the user and password to connect to a db. > > > > I couldn't start postgres on linux with just that line, so on linux I > > have: > > > > # "local" is for Unix domain socket connections only > > local all all ident sameuser > > # IPv4 local connections: > > host all all 127.0.0.1/32 md5 > > # IPv6 local connections: > > host all all ::1/128 ident sameuser > > > > I created my db as: > > postgres=# CREATE DATABASE maragato_test OWNER postgres; > > > > I seem to have a user 'postgres' - I'm using the default. > > > > postgres=# SELECT * FROM "pg_user"; > > usename | usesysid | usecreatedb | usesuper | usecatupd | passwd | > > valuntil | useconfig > > ----------+----------+-------------+----------+-----------+----------+----------+----------- > > postgres | 10 | t | t | t | ******** | > > | > > > > However, I get this error: > > > > /home/postgres> psql -h localhost maragato_test postgres > > Password for user postgres: > > psql: FATAL: autenticação do tipo password falhou para usuário > > "postgres" > > > > Sorry - couldn't get local en_US working. That translates to: > > Authentication of type password failed for user postgres. I think that > > means 'ident password' . I tried to connect with java and I get the > > same error. > > > > I just need to connect to db 'maragato_test' on local host using > > 'postgres´ as the user and password, using md5. > > Try '-h 127.0.0.1' rather than 'localhost' - it's still seeing the > connection as coming through the socket, not through tcpip, so it's > matching the "ident" rule. > > -- > Postgresql & php tutorials > http://www.designmagick.com/ > > ---------------------------(end of broadcast)--------------------------- > TIP 3: Have you checked our extensive FAQ? > > http://www.postgresql.org/docs/faq
> > > > > > # "local" is for Unix domain socket connections only > > > local all all ident sameuser > > > # IPv4 local connections: > > > host all all 127.0.0.1/32 md5 > > > # IPv6 local connections: > > > host all all ::1/128 ident sameuser > > > > > > I created my db as: > > > postgres=# CREATE DATABASE maragato_test OWNER postgres; > > > > > > I seem to have a user 'postgres' - I'm using the default. > > > > > > postgres=# SELECT * FROM "pg_user"; > > > usename | usesysid | usecreatedb | usesuper | usecatupd | passwd | > > > valuntil | useconfig > > > ----------+----------+-------------+----------+-----------+----------+----------+----------- > > > postgres | 10 | t | t | t | ******** | > > > | > > > > > > However, I get this error: > > > > > > /home/postgres> psql -h localhost maragato_test postgres > > > Password for user postgres: > > > psql: FATAL: autenticação do tipo password falhou para usuário > > > "postgres" > > > doesn't that user have to exist since you are using ident method? that means unix username == postgres username. do you have a user named maragato_test on the system? did you create that user in postgres and on the system?
On Mon, May 08, 2006 at 23:10:31 +0900, kmh496 <kmh496@kornet.net> wrote: > doesn't that user have to exist since you are using ident method? that > means unix username == postgres username. > do you have a user named maragato_test on the system? > did you create that user in postgres and on the system? Note that you can create custom mappings for which the unix user is not the same as the postgres user.
Bruno Wolff III escreveu:
> On Mon, May 08, 2006 at 23:10:31 +0900,
> kmh496 <kmh496@kornet.net> wrote:
> > doesn't that user have to exist since you are using ident method? that
> > means unix username == postgres username.
> > do you have a user named maragato_test on the system?
> > did you create that user in postgres and on the system?
>
> Note that you can create custom mappings for which the unix user is not
> the same as the postgres user.
>
I don't want to use ident and the unix user name. Let me try and
simplify my question:
1) Isn't the user 'postgres' pre-configured? Running this seems to
imply so: 'select datname from pg_database;'
datname
---------------
postgres
2) Is there a way to use this user 'postgres' with a non-root unix
account _not_ named postgres? I just want _any_ method - md5, ident,
whatever, that allows access to my db with user 'postgres' from an
account called myuser1, myuser2, and myuser3. Tomorrow it might be
myuser4.
3) I'm willing to try and use custom mappings if that's the easiest way
to solve my problem.
Thanks for the help,
Robert
On Mon, May 08, 2006 at 02:10:02PM -0700, robert wrote: > 1) Isn't the user 'postgres' pre-configured? Running this seems to > imply so: 'select datname from pg_database;' > datname > --------------- > postgres This demonstrates a *database* named postgres. Users are in the pg_user table. > 2) Is there a way to use this user 'postgres' with a non-root unix > account _not_ named postgres? I just want _any_ method - md5, ident, > whatever, that allows access to my db with user 'postgres' from an > account called myuser1, myuser2, and myuser3. Tomorrow it might be > myuser4. Absolutely, though the question is obviously why. It's a superuser account, you can create more of them if you like with createuser. If you want to use md5, setup a line in pg_hba.conf for md5 auth from wherever you're logging in (reload postmaster). For this to work you might need to ALTER USER postgres WITH PASSWORD 'blah' to set the password. If you want to use ident (no password), setup pg_hba.conf for ident using a mapname. You say "ident mapname" there. Then in pg_ident.conf setup the mapping for IDENT to PGUSERNAME there. Reload postmaster. You can use trust if you're desperate. Hope this helps, -- Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/ > From each according to his ability. To each according to his ability to litigate.