BUG #15035: scram-sha-256 blocks all logins
От | PG Bug reporting form |
---|---|
Тема | BUG #15035: scram-sha-256 blocks all logins |
Дата | |
Msg-id | 151723922191.1238.12656996435976596418@wrigleys.postgresql.org обсуждение исходный текст |
Ответы |
Re: BUG #15035: scram-sha-256 blocks all logins
(Tomas Vondra <tomas.vondra@2ndquadrant.com>)
|
Список | pgsql-bugs |
The following bug has been logged on the website: Bug reference: 15035 Logged by: Meirav Rath Email address: meirav.rath@imperva.com PostgreSQL version: 10.0 Operating system: windows server 2012 R2 Description: Hi, I'm trying to set up the new SCRAM-SHA-256 authentication method. The only problem is that the moment I set this in both postgresql.conf and pg_hba.conf I can no longer login with any user, and so I can't create new users with passwords that are compatible. Here's what pg_hba.conf looks like: # TYPE DATABASE USER ADDRESS METHOD # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5 # Allow replication connections from localhost, by a user with the # replication privilege. host replication all 127.0.0.1/32 md5 host replication all ::1/128 md5 host all all 0.0.0.0/0 scram-sha-256 host all postgres 0.0.0.0/0 md5 And here's what postgresql.conf looks like: #------------------------------------------------------------------------------ # CONNECTIONS AND AUTHENTICATION #------------------------------------------------------------------------------ # - Connection Settings - listen_addresses = '*' # what IP address(es) to listen on; # comma-separated list of addresses; # defaults to 'localhost'; use '*' for all # (change requires restart) port = 5432 # (change requires restart) max_connections = 100 # (change requires restart) #superuser_reserved_connections = 3 # (change requires restart) #unix_socket_directories = '' # comma-separated list of directories # (change requires restart) #unix_socket_group = '' # (change requires restart) #unix_socket_permissions = 0777 # begin with 0 to use octal notation # (change requires restart) #bonjour = off # advertise server via Bonjour # (change requires restart) #bonjour_name = '' # defaults to the computer name # (change requires restart) # - Security and Authentication - #authentication_timeout = 1min # 1s-600s #ssl = off #ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers #ssl_prefer_server_ciphers = on #ssl_ecdh_curve = 'prime256v1' #ssl_dh_params_file = '' #ssl_cert_file = 'server.crt' #ssl_key_file = 'server.key' #ssl_ca_file = '' #ssl_crl_file = '' password_encryption = scram-sha-256 #db_user_namespace = off #row_security = on # GSSAPI using Kerberos #krb_server_keyfile = '' #krb_caseins_users = off # - TCP Keepalives - # see "man 7 tcp" for details #tcp_keepalives_idle = 0 # TCP_KEEPIDLE, in seconds; # 0 selects the system default #tcp_keepalives_interval = 0 # TCP_KEEPINTVL, in seconds; # 0 selects the system default #tcp_keepalives_count = 0 # TCP_KEEPCNT; # 0 selects the system default Please advise.
В списке pgsql-bugs по дате отправления:
Предыдущее
От: Tomas VondraДата:
Сообщение: Re: BUG #14932: SELECT DISTINCT val FROM table gets stuck in aninfinite loop
Следующее
От: PG Bug reporting formДата:
Сообщение: BUG #15036: Un-killable queries Hanging in BgWorkerShutdown