H. Hall wrote:
Курашкин Дмитрий wrote:
Hi to all!
I have following systems:
1. Local machine with Windows XP SP2 and PostgreSQL 8.2 - test system.
2. Work server in local network (FreeBSD + PostgreSQL 8.2) - work
system.
I write client with Delphi 7 IDE and use Zeos Lib 6.6.2
(http://zeos.firmos.at/) for database access.
When I tried to connect to server I recieve error message: "SQL Error:
fe_sendauth: authentication type 5 not supported."
After searching in internet I found solution: set authentication
method "password" instead of "md5".
In file pg_hba.conf on local machine I wrote:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
host all all 127.0.0.1/32 password
and on server:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
host all all 192.168.3.0/24 password
My IP-address in local network is 192.168.3.16...
After that I can to connect to test PostgreSQL server on localhost,
and connection works fine, but attempt to connect to work server
finishes by
same error message "SQL Error: fe_sendauth: authentication type 5 not
supported."
I tried to place string in pg_hba.conf on first and last positions,
wrote names of databases and users instead of "all" but it doesn't
work.
Understanding the net mask:
----------------------------
The IPv4 address is 32bits, arranged in 4 sets of 8 bits each.
The decimal range for an IP mask is 0.0.0.0-255.255.255.255.
The net mask defines how many bits need to match, counting from the left.
For example a netmask /8 means the first 8 bits must exactly match,
for example 192.168.0.101/8 means all IPs beginning with 192 can
connect.
/16 means the: first 16 bits have to match that is the first two
numbers in the IP must match
e.g. 192.168.0.101/16 means that all IPs begining with 192.168 can
connect.
/32 means: the entire IP must match exactly for example
192.168.0.101/32 means that only an IP exactly equal to 192.168.0.101
may connect.
How can we use it:
# trust anyone attached to same machine as the database (no password
required)
host all all 127.0.0.1/32 trust
# allow anyone to attach to any db FROM THIS ONE IP but require a
password encrypted via md5
host all all 192.168.0.101/32 md5
Also note that the pg_hba.conf file is read only on server startup or
when the postmaster receives a SIGHUP signal. If you edit the file,
you must restart the server or SIGHUP the postmaster for the changes
to take effect.
You can use
pg_ctl reload -D /usr/local/pgsql/data
Note: /usr/local/pgsql/data is a Linux path to the database, use
equivalent for windows. The pg_ctl program is in the postgres bin
directory.
See this link for more info:
http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html
--Cheers,
HH
As I understand, my main problem is to force PostgreSQL server allow
me to connect with password authentication method, isn't it? And how I
can do that?
Sorry, got in a hurry and forgot to add some things:
1. Are you using ODBC to connect. If so, it could be that ODBC is having
the problem with MD5. I don't know if ODBC has such problems, just a
thought.
2. If you use password, you may have to change file postgresql.conf to
include this setting:
# (the default is on)
password_encryption = off
If you change this, you may also have to reset the users' passwords so
that they are stored in plain text i.e. non-encrypted.
3. How did you create users and assign passwords. Did you encrypt them?
You may want to review this:
http://www.postgresql.org/docs/8.0/interactive/sql-createuser.html
--Cheers,
HH
P. S. Sorry for poor english...
--
H. Hall
ReedyRiver Group LLC
http://www.reedyriver.com
