Thread: RE: [INTERFACES] pgaccess on win95 connection
> >Ok. It looks to me like you are trying to do the following: > >You have a Mandrake 6.1 machine on your LAN running PostgreSQL. You >further have a Windows machine on your LAN, from which you want to >connect to PostgreSQL running on the Mandrake 6.1 machine. > >To do this: >1.) In the pgaccess connection box, you will need to enter the hostname >or IP address of the server machine, not 'localhost'. > >2.) On the server machine, in the file '/var/lib/pgsql/pg_hba.conf', you >will need to add a line allowing access to the database from the IP >address or hostname of the Windows machine. If I remember correctly, you >can cause the postmaster to reread the pg_hba.conf file with a SIGHUP >sent to the postmaster process -- however, since it is apparent that you >are not very familiar with Unix-like systems, I recommend that you >restart the postmaster by executing, as root, >'/etc/rc.d/init.d/postgresql restart' -- this will completely restart >the postmaster. Found in this file 2 lines: 'local all trust' 'host all 127.0.0.1 255.255.255.255. trust' While this is not the ultimate security :-) doesn't it render the host accessible. The problem may be in Windows. 'ping' reports the target machine unreachable. Tried to ping my ISP and get the same response. Looks like I've got to do something here before I can go any farther. >Now try the connect again. > >You can test whether the server is up or not by, in Windows, going to a >DOS prompt and executing 'ping' with the server's IP address. > >You will also need to get a book on Unix administration; the O'Reilly >classic 'Essential System Administration' is a good start (www.ora.com). >Administering the PostgreSQL database requires a good knowledge of basic >system administration procedures -- and this O'Reilly book is one of the >best introductory sysadmin books you will find. I also recommend >reading Bruce's book when it is complete -- the current draft is >available on the www.postgresql.org site. > >And there's always the PostgreSQL documentation, which is installed by >default in the RPM installation in the directory >'/usr/doc/postgresql-6.5.3' -- since you are using Mandrake 6.1, just >point kfm over there, and browse around -- there is a complete copy of >the documentation there. > >Hope that helps. Thanks. I will look for these. And resurrect my Windows manuals. Started this effort with what I thought was lots of lead time. But you know what a Linux adventure is like. Consequently, I have less time now for both application development and basic research. So, what's new? Thanks Bill Barnes > >-- >Lamar Owen >WGCR Internet Radio >1 Peter 4:11 ------------------------------------------------------------ This e-mail has been sent to you courtesy of OperaMail, a free web-based service from Opera Software, makers of the award-winning Web Browser - http://www.operasoftware.com ------------------------------------------------------------ ************
Bill Barnes wrote: > >2.) On the server machine, in the file '/var/lib/pgsql/pg_hba.conf', you > >will need to add a line allowing access to the database from the IP > >address or hostname of the Windows machine. If I remember correctly, you > Found in this file 2 lines: > 'local all > trust' > 'host all 127.0.0.1 255.255.255.255. > trust' > While this is not the ultimate security :-) doesn't it render the host > accessible. No, it doesn't. This only allows access to localhost. Assume for a minute that the Windows machine is address 10.21.34.98. You need a line: host all 10.21.34.98 255.255.255.255 To give access to all hosts on the 10.21.34.0 network access: host all 10.21.34.0 255.255.255.0 > Looks like I've got to do something here before I can go any farther. Yes, it does. > Thanks. I will look for these. And resurrect my Windows manuals. > Started this effort with what I thought was lots of lead time. But you know > what a Linux adventure is like. Consequently, I have less time now for both > application development and basic research. So, what's new? I remember well my adventure setting up PostgreSQL (then at version 6.1.1) on Linux to back a web server. The documentation wasn't as good then, however. -- Lamar Owen WGCR Internet Radio 1 Peter 4:11 ************
On 29 Nov, Bill Barnes wrote: >> > [ Snip config. hints] > > Found in this file 2 lines: > 'local all > trust' > 'host all 127.0.0.1 255.255.255.255. > trust' > While this is not the ultimate security :-) doesn't it render the host > accessible. No. These two lines allow (respectively) access from the server machine over UDP and access from the server machine over TCP. Neither line allows access from outside the server machine. What you want is something like: host all 192.168.1.0 255.255.255.0 trust where the two numbers are IP addresses and masks suitable for your LAN, or host all 192.168.1.123 255.255.255.255 trust where 192.168.1.123 is the IP address of the (single) Windows machine from which you are connecting. And of course you want to consider the security implications of trusting the Windows machine to tell you who is logged on, etc. You may want to look at the other authentication methods available. > [ Snip more admin hints ] HTH, Ewan. ************
On 29 Nov, Bill Barnes wrote: >> > [ Snip config. hints] > > Found in this file 2 lines: > 'local all > trust' > 'host all 127.0.0.1 255.255.255.255. > trust' > While this is not the ultimate security :-) doesn't it render the host > accessible. No. These two lines allow (respectively) access from the server machine over UDP and access from the server machine over TCP. Neither line allows access from outside the server machine. What you want is something like: host all 192.168.1.0 255.255.255.0 trust where the two numbers are IP addresses and masks suitable for your LAN, or host all 192.168.1.123 255.255.255.255 trust where 192.168.1.123 is the IP address of the (single) Windows machine from which you are connecting. And of course you want to consider the security implications of trusting the Windows machine to tell you who is logged on, etc. You may want to look at the other authentication methods available. > [ Snip more admin hints ] HTH, Ewan. ************
Bill Barnes wrote: > >2.) On the server machine, in the file '/var/lib/pgsql/pg_hba.conf', you > >will need to add a line allowing access to the database from the IP > >address or hostname of the Windows machine. If I remember correctly, you > Found in this file 2 lines: > 'local all > trust' > 'host all 127.0.0.1 255.255.255.255. > trust' > While this is not the ultimate security :-) doesn't it render the host > accessible. No, it doesn't. This only allows access to localhost. Assume for a minute that the Windows machine is address 10.21.34.98. You need a line: host all 10.21.34.98 255.255.255.255 To give access to all hosts on the 10.21.34.0 network access: host all 10.21.34.0 255.255.255.0 > Looks like I've got to do something here before I can go any farther. Yes, it does. > Thanks. I will look for these. And resurrect my Windows manuals. > Started this effort with what I thought was lots of lead time. But you know > what a Linux adventure is like. Consequently, I have less time now for both > application development and basic research. So, what's new? I remember well my adventure setting up PostgreSQL (then at version 6.1.1) on Linux to back a web server. The documentation wasn't as good then, however. -- Lamar Owen WGCR Internet Radio 1 Peter 4:11 ************
On 29 Nov, Bill Barnes wrote: >> > [ Snip config. hints] > > Found in this file 2 lines: > 'local all > trust' > 'host all 127.0.0.1 255.255.255.255. > trust' > While this is not the ultimate security :-) doesn't it render the host > accessible. No. These two lines allow (respectively) access from the server machine over UDP and access from the server machine over TCP. Neither line allows access from outside the server machine. What you want is something like: host all 192.168.1.0 255.255.255.0 trust where the two numbers are IP addresses and masks suitable for your LAN, or host all 192.168.1.123 255.255.255.255 trust where 192.168.1.123 is the IP address of the (single) Windows machine from which you are connecting. And of course you want to consider the security implications of trusting the Windows machine to tell you who is logged on, etc. You may want to look at the other authentication methods available. > [ Snip more admin hints ] HTH, Ewan. ************
Bill Barnes wrote: > >2.) On the server machine, in the file '/var/lib/pgsql/pg_hba.conf', you > >will need to add a line allowing access to the database from the IP > >address or hostname of the Windows machine. If I remember correctly, you > Found in this file 2 lines: > 'local all > trust' > 'host all 127.0.0.1 255.255.255.255. > trust' > While this is not the ultimate security :-) doesn't it render the host > accessible. No, it doesn't. This only allows access to localhost. Assume for a minute that the Windows machine is address 10.21.34.98. You need a line: host all 10.21.34.98 255.255.255.255 To give access to all hosts on the 10.21.34.0 network access: host all 10.21.34.0 255.255.255.0 > Looks like I've got to do something here before I can go any farther. Yes, it does. > Thanks. I will look for these. And resurrect my Windows manuals. > Started this effort with what I thought was lots of lead time. But you know > what a Linux adventure is like. Consequently, I have less time now for both > application development and basic research. So, what's new? I remember well my adventure setting up PostgreSQL (then at version 6.1.1) on Linux to back a web server. The documentation wasn't as good then, however. -- Lamar Owen WGCR Internet Radio 1 Peter 4:11 ************