On 2020-03-26 21:33:51 +0100, Christoph Moench-Tegeder wrote:
> ## Ted To (ted@xxxxxxx):
> > Thank you -- I added two lines to the hba file to allow for ident
> > authentication, restarted postgres and still the same errors.
>
> You probably don't want "ident" authentication - that's the thing
> with "identd" (see RfC 1413),
Depends on the type of socket. For unix sockets it's the same as peer
authentication.
> which even 20 years ago was only used in connection with IRC, but not
> really for "authentication".
I don't think there are any linux distributions which install identd by
default any more, so it wouldn't work anyway.
> You'd rather want "scram-sha-256" as the authentication method (hoping
> that whatever-go-uses can do that - come on, we got that in version 10),
> or (if that's not possible) "md5".
Actually, for local connections I prefer "peer". I'm already
authenticated by the OS, no need for a (second) password.
I should add that you shouldn't use "trust" unless
* no connection from other hosts is allowed, and
* all users on this host should have full access anyway.
This is rarely the case.
hp
--
_ | Peter J. Holzer | Story must make more sense than reality.
|_|_) | |
| | | hjp@xxxxxx | -- Charles Stross, "Creative writing
__/ | http://www.hjp.at/ | challenge!"
Attachment:
signature.asc
Description: PGP signature
