Re: Disable 'ident' as default auth method
| От | Markus Bräunig |
|---|---|
| Тема | Re: Disable 'ident' as default auth method |
| Дата | |
| Msg-id | D0CE882D-2881-4B91-805F-717D07684F6F@braeunig.biz обсуждение исходный текст |
| Ответ на | Re: Disable 'ident' as default auth method (Craig Ringer <craig@2ndquadrant.com>) |
| Список | pgsql-pkg-yum |
Hi,
OK you are talking about host connections.
ident maps to peer for local connections, so for these I would suggest implementing local directly.
For host connections I like the idea of reject. If I remember correctly the listen_addresses must be configured anyway (for remote access).
Regards
Markus
Am 09.10.2019 um 06:40 schrieb Craig Ringer <craig@2ndquadrant.com>:On Wed, 9 Oct 2019 at 12:36, Markus Bräunig <markus@braeunig.biz> wrote:Hi,we use peer authentication for local connections.local all postgres peerBy doing so you can just use #>psql as postgres-User (or using sudo -u postgres -i psql).Could be a valid default.Yes. I'm aware of that and think it's the sensible default for 'local' connections.I'm talking about 'host' connections for 127.0.0.1 and ::1 . The current default for that is nonsensical IMO.
В списке pgsql-pkg-yum по дате отправления: