Thread: password-less access, without using pg_hba

Reece Hart wrote
> I'd like to provide public access, without a password, to a database
> hosted
> on Amazon RDS.
>
> I'm familiar with using pg_hba.conf to enable trust (no) authentication
> for
> a user. pg_hba.conf is not available to DBAs on RDS.
>
> Is there any other way to achieve password-less login in postgresql? I
> tried alter user password NULL.
>
> Thanks,
> Reece

Doubtful.

You need to give people the correct server ip and user anyway so why not
just give them a password at the same time?

If you are trying to do some automated scripting there are other, better,
solutions than disabling the password requirement. Especially on a
public-visible server.

David J.






--
View this message in context:
http://postgresql.1045698.n5.nabble.com/password-less-access-without-using-pg-hba-tp5790947p5790948.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.

On 2/6/2014 6:07 PM, Reece Hart wrote:
> I'd like to provide public access, without a password, to a database
> hosted on Amazon RDS.
>
> I'm familiar with using pg_hba.conf to enable trust (no)
> authentication for a user. pg_hba.conf is not available to DBAs on RDS.
>
> Is there any other way to achieve password-less login in postgresql? I
> tried alter user password NULL.

.pgpass  is supported by any libpq based client.



--
john r pierce                                      37N 122W
somewhere on the middle of the left coast

Reece Hart wrote
> On Thu, Feb 6, 2014 at 6:37 PM, David Johnston <

> polobo@

> > wrote:
>
>> Doubtful.
>>
>
> Yeah, that's what I had assumed too.
>
> The question is motivated entirely by what I think would make it easier
> for
> users. In principle it's not difficult to give people a password (as I do
> now), but in practice it's a barrier that I'd like to eliminate.
>
> -Reece

If your users are connecting directly to a PostgreSQL database then the
presence or absence of a password has no significant impact on usability.
They have learned SQL and can interact with databases and likely expect to
need a password anyway.  Usually developers make things easier by writing
software that the users interact with instead of the database...

David J.



--
View this message in context:
http://postgresql.1045698.n5.nabble.com/password-less-access-without-using-pg-hba-tp5790947p5790966.html
Sent from the PostgreSQL - general mailing list archive at Nabble.com.

> On Thu, Feb 6, 2014 at 6:37 PM, David Johnston <polobo@yahoo.com> wrote:
>
>> Doubtful.
>>
>
> Yeah, that's what I had assumed too.
>
> The question is motivated entirely by what I think would make it easier for
> users. In principle it's not difficult to give people a password (as I do
> now), but in practice it's a barrier that I'd like to eliminate.

+1. I told Amazon's RDS guy in Japan that it is a major pain for
PostgreSQL users to not be able to touch pg_hba.conf.

Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese: http://www.sraoss.co.jp

On 02/06/2014 06:07 PM, Reece Hart wrote:
> I'd like to provide public access, without a password, to a database
> hosted on Amazon RDS.
>
> I'm familiar with using pg_hba.conf to enable trust (no)
> authentication for a user. pg_hba.conf is not available to DBAs on RDS.
>
> Is there any other way to achieve password-less login in postgresql? I
> tried alter user password NULL.
>
Ignoring the scary security issues....

If you can't access pg_hba.conf how about just sticking pgbouncer or
similar in the middle and have your users connect through that?

Cheers,
Steve