Trying to secure PostgreSQL
Kirk Strauser
kirk at strauser.com
Fri Sep 12 16:01:29 PDT 2003
At 2003-09-12T22:36:43Z, alexander v p <alex at big-blue.net> writes:
> look in /usr/local/pgsql/data/pg_hba.conf
> by default is:
>
> local all all trust
> host all all 127.0.0.1 255.255.255.255 trust
>
> what you have to do is to change trust into password or md5
> hope that helps
> alex
> p.s. restart postgres after you change the conf file.
But when I do that, I'm prompted to enter the password for 'pgsql' whenever
I start the service. That's pretty inconvenient when it's part of the boot
process; the system would be effectively hung until I accessed the box,
entered the password, and let the init sequence finish.
I'd read of people coming up with a mechanism to pipe a password from some
(hopefully) secure file on the system into the password prompt. Is that
really the best way to handle this?
--
Kirk Strauser
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20030912/3ce017ee/attachment-0001.bin
More information about the freebsd-questions
mailing list