Обсуждение: Dynamic IP authentication
Does anyone know a way of authenticating client applications with dynamic IP addresses? All our client machines are receiving dynamic IP addresses. Is there a way to set up the pg_hba file to allow for this, or is there another way to configure connections so as not to use this file? Any thoughts would be appreciated. Thank you! Richard Dockery Facilities Information Technology Group University Of New Hampshire richard.dockery@unh.edu 603.862.1803
On Fri, 19 Mar 2004, Richard Dockery wrote: > Does anyone know a way of authenticating client applications with dynamic IP > addresses? All our client machines are receiving dynamic IP addresses. Is > there a way to set up the pg_hba file to allow for this, or is there another > way to configure connections so as not to use this file? > Any thoughts would be appreciated. > Thank you! Open access to the whole IP range, but require passwords. I think you can wrap in SSL as well. -- Sam Barnett-Cormack Software Developer | Student of Physics & Maths UK Mirror Service (http://www.mirror.ac.uk) | Lancaster University
Sam Barnett-Cormack wrote:
> On Fri, 19 Mar 2004, Richard Dockery wrote:
>
>
>> Does anyone know a way of authenticating client applications with
dynamic IP
>> addresses? All our client machines are receiving dynamic IP
addresses. Is
>> there a way to set up the pg_hba file to allow for this, or is there
another
>> way to configure connections so as not to use this file?
>> Any thoughts would be appreciated.
>> Thank you!
>
>
>
> Open access to the whole IP range, but require passwords. I think you
> can wrap in SSL as well.
>
This is what I do, and now I won't let non-SSL connections through. The
pg_hba.conf entry that lets me connect over SSL from anywhere looks like
this:
hostssl all mitchy 0.0.0.0 0.0.0.0 password
Of course you need to configure your database box with an SSL key, which
is well documented.
-- Mitch