[pgpool-general: 4041] Re: MD5 authentication

Thomas SIMON tsimon at neteven.com
Wed Sep 9 00:27:51 JST 2015


> [ Comments below, in-line ]
>
>
> On 09/08/2015 11:11 AM, Thomas SIMON wrote:
>> Hi all,
>
> Hi Thomas
Hi Pablo
>
>> I'm using pgpool in master/slave mode, with passwords stored in
>> pool_passwd.  Postgres and pgpool are on the same host.
>>
>> I'm trying to configure md5 access to my pgpool instance, with
>> following configuration in pg_hba.conf
>>
>> # IPv4 local connections:
>> host    all             all             127.0.0.1/32 trust
>
> What other settings do you have in pg_hba.conf?
>
>    grep -v '^#' pg_hba.conf | grep -v '^$'
>

I have following lines :

local   all             postgres                                trust
local   all             all                                     trust
host    all             all             127.0.0.1/32            trust
host    all         all         172.20.0.101/32         trust	#for pg2/pgpool
host    all         all         172.20.0.0/16         md5
host    replication     replicator		172.20.0.100/32           trust #pg1
host    replication     replicator		172.20.0.101/32           trust #pg2


>
>> And this configuuration in pool_pba.conf
>>
>> host    all         all         my_ip/32     md5
>>
>> When i'm connecting with " psql -p 9999 -h my_ip db -U user" ; with any
>> user, pgpool never asks me a password, and i'm directly logged in.
>> Can anyone knows why pgpool does not asks me for password ?
>
> Also, in order to get PGPool to use its /pool_hba.conf/ I had to pass
> the following argument at start up of PGPool:
>
>    -a /etc/pgpool-II/pool_hba.conf
>
> In my case, the .conf file is found in /etc/pgpool-II
>
> Just to be sure, you need to have the following enabled in
> /pgpool.conf/:
>
>    enable_pool_hba = on
>    pool_passwd = 'pool_passwd'
>
> The pool_passwd should have entries like the following:
>
>    someuser:md5aabbcc...
>
I have this parameters enabled, and pool_hba.conf is loaded, because if 
I try to come from another IP, I have an negative answer from it
ERROR:  no pool_hba.conf entry for host "1.2.3.4", user "toto", database 
"db1", SSL on

Pgpool seems to always trust me...

> I hope the above helps.
>
> Cheers,
> -- 
> Pablo Sanchez - Blueoak Database Engineering, Inc
> Ph:    819.459.1926         Blog:  http://pablo-blog.blueoakdb.com
> iNum:  883.5100.0990.1054
>
> _______________________________________________
> pgpool-general mailing list
> pgpool-general at pgpool.net
> http://www.pgpool.net/mailman/listinfo/pgpool-general



More information about the pgpool-general mailing list