Menu
conf File. Client authentication is controlled by a configuration file, which traditionally is named pg_hba. conf and is stored in the database cluster's data directory. ( HBA stands for host-based authentication.)
pg_hba. conf is the PostgreSQL access policy configuration file, which is located in the /var/lib/pgsql/10/data/ directory (PostgreSQL10) by default.
You will find pg_hba. conf file in whatever you selected as your data directory. Secondly, if you used apt utility then you should find it in /etc/postgresql/8.4/main you can also do a 'find' on the filename but doing that on the entire disk is cpu-consuming.
PostgreSQL will check the authentication method via the pg_hba. conf for every connection request. This check is performed every time a new connection is requested from the PostgreSQL server, so there is no need to re-start PostgreSQL after you add, modify or remove an entry in the pg_hba.
If you can change this line:
host all all 192.168.0.1/32 md5
With this:
host all all all md5
You can see if this solves the problem.
But another consideration is your postgresql port(5432) is very open to password attacks with hackers (maybe they can brute force the password). You can change your postgresql port 5432 to '33333' or another value, so they can't know this configuration.
In your pg_hba.conf file, I see some incorrect and confusing lines:
# fine, this allows all dbs, all users, to be trusted from 192.168.0.1/32
# not recommend because of the lax permissions
host all all 192.168.0.1/32 trust
# wrong, /128 is an invalid netmask for ipv4, this line should be removed
host all all 192.168.0.1/128 trust
# this conflicts with the first line
# it says that that the password should be md5 and not plaintext
# I think the first line should be removed
host all all 192.168.0.1/32 md5
# this is fine except is it unnecessary because of the previous line
# which allows any user and any database to connect with md5 password
host chaosLRdb postgres 192.168.0.1/32 md5
# wrong, on local lines, an IP cannot be specified
# remove the 4th column
local all all 192.168.0.1/32 trust
I suspect that if you md5'd the password, this might work if you trim the lines. To get the md5 you can use perl or the following shell script:
echo -n 'chaos123' | md5sum
> d6766c33ba6cf0bb249b37151b068f10 -
So then your connect line would like something like:
my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433",
"chaosuser", "d6766c33ba6cf0bb249b37151b068f10");
For more information, here's the documentation of postgres 8.X's pg_hba.conf file.
Your postgres server configuration seems correct
host all all 127.0.0.1/32 md5
host all all 192.168.0.1/32 trust
Test this by creating a specific user for that database
createuser -a -d -W -U postgres chaosuser
Then adjust your perl script to use the newly created user
my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433", "chaosuser", "chaos123");
To resolve this problem, you can try this.
first, you have found out your pg_hba.conf by:
cd /etc/postgresql/9.5/main from your root directory
and open file using
sudo nano pg_hba.conf
then add this line:
local all all md5
to your pg_hba.conf and then restart by using the command:
sudo service postgresql restart
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With