From owner-freebsd-questions@FreeBSD.ORG Tue Aug 13 14:55:10 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id ED6A7696 for ; Tue, 13 Aug 2013 14:55:10 +0000 (UTC) (envelope-from c.kworr@gmail.com) Received: from mail-lb0-x22a.google.com (mail-lb0-x22a.google.com [IPv6:2a00:1450:4010:c04::22a]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 718DB2C45 for ; Tue, 13 Aug 2013 14:55:10 +0000 (UTC) Received: by mail-lb0-f170.google.com with SMTP id r10so5925549lbi.1 for ; Tue, 13 Aug 2013 07:55:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:cc:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=gNMvrWsF+S2NUhwervewxRQXn/SO3OcmIhODaPK612k=; b=So5M2awcmprbL5W8aAZNojgt+0hHtmDTgR5vyYhLuxGypw0dDWJrVlH/bVXZC201n/ qGZDb6n468EwCidfqms+eVJYQZzKJJWCYqLOVjCRPPmz4nCEneG19189OFsKlkU5t4Ji 8Ofa96SiJffQsCxmzoDxXBpuSJZ+MJZvniTHYsqduG5ULq+5WGWURnMnDboihTYCEx/p bFuuxoRwP4eIetEaBWCoOM80G5F9QtNAex7Y9WLAWCzQ+4NS6MsJtEf/WdkDzL8wbO/L ZFBgi4fIOQvKdRmwKLn9CMtgM27ZdcGadQqsQvXZ16LRMVdbVUsqWpUxTANwqLTJMQkp tlSg== X-Received: by 10.152.25.135 with SMTP id c7mr1910219lag.39.1376405708428; Tue, 13 Aug 2013 07:55:08 -0700 (PDT) Received: from [192.168.1.128] (mau.donbass.com. [92.242.127.250]) by mx.google.com with ESMTPSA id eb20sm14055232lbb.15.2013.08.13.07.55.07 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 13 Aug 2013 07:55:07 -0700 (PDT) Message-ID: <520A48CA.2020009@gmail.com> Date: Tue, 13 Aug 2013 17:55:06 +0300 From: Volodymyr Kostyrko User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130809 Thunderbird/17.0.8 MIME-Version: 1.0 Subject: Re: trouble with PostgreSQL 9.2 on FreeBSD 10.0-CURRENT: superuser can not autheticate anymore with md5 password hash set References: <20130813163001.3194750f@telesto> <520A46A0.5010506@gmail.com> In-Reply-To: <520A46A0.5010506@gmail.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Cc: "O. Hartmann" , FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Aug 2013 14:55:11 -0000 > 13.08.2013 17:30, O. Hartmann wrote: >> For the past I ran PostgreSQL 9.2 servers on FreeBSD 10.0-CURRENT >> successfully. But by now, out of the blue, login as the database's >> supervisor "pgsql" remotely isn't possible any more. >> >> The appropriate lines in pg_hba.conf are: >> >> local all pgsql md5 >> hostssl all pgsql 0.0.0.0/0 md5 >> >> The funny thing is: when login locally without providing a password >> (swap md5 to trust in the "local" line) and setting the password for >> the role "pgsql" via >> >> ALTER ROLE pgsql ENCRYPTED PASSWORD 'FooMe"; > > I guess ENCRYPTED means you are substituting FooMe with md5 hashed > password correctly salted with role name as postgresql requires? Silly me, that's wrong. ENCRYPTED only means that password will be stored encrypted on the disk. There's a side note about using ENCRYPTED password with postgres in the docs though: "Note that older clients might lack support for the MD5 authentication mechanism that is needed to work with passwords that are stored encrypted." -- Sphinx of black quartz, judge my vow.