Hi all,
I'm looking to add an md5-based user to a postgres server, and I can't
seem to get psql to connect using SSL. Normally I use Kerberos to
connect, and that works flawlessly with SSL. I'd much prefer to use
SSL connections, so I'm wondering if there's something I'm doing
wrong.
Here's what happens with a Kerberos connection...works just fine,
connects using SSL:
$ /s/postgresql/bin/psql -h dumbo.cs.wisc.edu -p 5432 koczan_test
Welcome to psql 8.3.4, the PostgreSQL interactive terminal.
Type: \copyright for distribution terms
\h for help with SQL commands
\? for help with psql commands
\g or terminate with semicolon to execute query
\q to quit
SSL connection (cipher: DHE-RSA-AES256-SHA, bits: 256)
koczan_test=>
And an md5 connection...
$ /s/postgresql/bin/psql -h dumbo.cs.wisc.edu -p 5432 -U test_md5 koczan_test
Password for user test_md5:
psql: FATAL: no pg_hba.conf entry for host "128.105.162.36", user
"test_md5", database "koczan_test", SSL off
Here's my pg_hba.conf
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# this part disables remote "postgres" superuser connections
hostssl all postgres 127.0.0.1/32 krb5
hostssl all postgres 128.105.2.15/32 krb5
hostssl all postgres 128.105.207.19/32 krb5
hostssl all postgres 128.105.0.0/16 reject
hostssl all postgres 198.133.224.0/24 reject
# Testing out md5 users
hostssl all test_md5 128.105.0.0/16 md5
hostssl all test_md5 198.133.224.0/24 md5
# this part enables non-superuser connections
hostssl all nobody 128.105.0.0/16 trust
hostssl all nobody 198.133.224.0/24 trust
hostssl all all 128.105.0.0/16 krb5
hostssl all all 198.133.224.0/24 krb5
And "ssl = on" in my postgresql.conf.
Am I missing something, or am I just SOL when using SSL?
Thanks,
Peter
--
Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
