Date: Fri, 12 Sep 2003 18:01:19 -0500 From: Kirk Strauser <kirk@strauser.com> To: alexander v p <alex@big-blue.net> Cc: freebsd-questions@freebsd.org Subject: Re: Trying to secure PostgreSQL Message-ID: <87ad99bohs.fsf@strauser.com> In-Reply-To: <Pine.BSF.4.21.0309121834190.9620-100000@localhost> (alexander v. p.'s message of "Fri, 12 Sep 2003 18:36:43 -0400 (EDT)") References: <Pine.BSF.4.21.0309121834190.9620-100000@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-=-= Content-Transfer-Encoding: quoted-printable At 2003-09-12T22:36:43Z, alexander v p <alex@big-blue.net> writes: > look in /usr/local/pgsql/data/pg_hba.conf=20 > by default is: > > local all all trust > host all all 127.0.0.1 255.255.255.255 trust > > what you have to do is to change trust into password or md5 > hope that helps > alex > p.s. restart postgres after you change the conf file. But when I do that, I'm prompted to enter the password for 'pgsql' whenever I start the service. That's pretty inconvenient when it's part of the boot process; the system would be effectively hung until I accessed the box, entered the password, and let the init sequence finish. I'd read of people coming up with a mechanism to pipe a password from some (hopefully) secure file on the system into the password prompt. Is that really the best way to handle this? =2D-=20 Kirk Strauser --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQA/YlBC5sRg+Y0CpvERAqQkAJ4xChZkwEz3qZV2Ak7PnPglVxjhxgCcCT/f hR+4+DmJWm1Mm1ubeZX9tIw= =w3k1 -----END PGP SIGNATURE----- --=-=-=--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87ad99bohs.fsf>