Обсуждение: Problems with connection
Hi to all! I have following systems: 1. Local machine with Windows XP SP2 and PostgreSQL 8.2 - test system. 2. Work server in local network (FreeBSD + PostgreSQL 8.2) - work system. I write client with Delphi 7 IDE and use Zeos Lib 6.6.2 (http://zeos.firmos.at/) for database access. When I tried to connect to server I recieve error message: "SQL Error: fe_sendauth: authentication type 5 not supported." After searching in internet I found solution: set authentication method "password" instead of "md5". In file pg_hba.conf on local machine I wrote: # TYPE DATABASE USER CIDR-ADDRESS METHOD host all all 127.0.0.1/32 password and on server: # TYPE DATABASE USER CIDR-ADDRESS METHOD host all all 192.168.3.0/24 password My IP-address in local network is 192.168.3.16... After that I can to connect to test PostgreSQL server on localhost, and connection works fine, but attempt to connect to work server finishes by same error message "SQL Error: fe_sendauth: authentication type 5 not supported." I tried to place string in pg_hba.conf on first and last positions, wrote names of databases and users instead of "all" but it doesn't work. As I understand, my main problem is to force PostgreSQL server allow me to connect with password authentication method, isn't it? And how I can do that? P. S. Sorry for poor english...
Στις Friday 08 August 2008 09:21:22 ο/η Курашкин Дмитрий έγραψε: maybe the listen_addresses in postgresql.conf in Server installation? -- Achilleas Mantzios
Курашкин Дмитрий wrote: > Hi to all! > > I have following systems: > 1. Local machine with Windows XP SP2 and PostgreSQL 8.2 - test system. > 2. Work server in local network (FreeBSD + PostgreSQL 8.2) - work > system. > > I write client with Delphi 7 IDE and use Zeos Lib 6.6.2 > (http://zeos.firmos.at/) for database access. > > When I tried to connect to server I recieve error message: "SQL Error: > fe_sendauth: authentication type 5 not supported." > After searching in internet I found solution: set authentication > method "password" instead of "md5". > In file pg_hba.conf on local machine I wrote: > > # TYPE DATABASE USER CIDR-ADDRESS METHOD > host all all 127.0.0.1/32 password > > and on server: > # TYPE DATABASE USER CIDR-ADDRESS METHOD > host all all 192.168.3.0/24 password > > My IP-address in local network is 192.168.3.16... > > After that I can to connect to test PostgreSQL server on localhost, > and connection works fine, but attempt to connect to work server finishes by > same error message "SQL Error: fe_sendauth: authentication type 5 not > supported." > > I tried to place string in pg_hba.conf on first and last positions, > wrote names of databases and users instead of "all" but it doesn't > work. > Understanding the net mask: ---------------------------- The IPv4 address is 32bits, arranged in 4 sets of 8 bits each. The decimal range for an IP mask is 0.0.0.0-255.255.255.255. The net mask defines how many bits need to match, counting from the left. For example a netmask /8 means the first 8 bits must exactly match, for example 192.168.0.101/8 means all IPs beginning with 192 can connect. /16 means the: first 16 bits have to match that is the first two numbers in the IP must match e.g. 192.168.0.101/16 means that all IPs begining with 192.168 can connect. /32 means: the entire IP must match exactly for example 192.168.0.101/32 means that only an IP exactly equal to 192.168.0.101 may connect. How can we use it: # trust anyone attached to same machine as the database (no password required) host all all 127.0.0.1/32 trust # allow anyone to attach to any db FROM THIS ONE IP but require a password encrypted via md5 host all all 192.168.0.101/32 md5 Also note that the pg_hba.conf file is read only on server startup or when the postmaster receives a SIGHUP signal. If you edit the file, you must restart the server or SIGHUP the postmaster for the changes to take effect. You can use pg_ctl reload -D /usr/local/pgsql/data Note: /usr/local/pgsql/data is a Linux path to the database, use equivalent for windows. The pg_ctl program is in the postgres bin directory. See this link for more info: http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html --Cheers, HH > As I understand, my main problem is to force PostgreSQL server allow > me to connect with password authentication method, isn't it? And how I > can do that? > > P. S. Sorry for poor english... > > > -- H. Hall ReedyRiver Group LLC http://www.reedyriver.com
H. Hall wrote: > Курашкин Дмитрий wrote: >> Hi to all! >> >> I have following systems: >> 1. Local machine with Windows XP SP2 and PostgreSQL 8.2 - test system. >> 2. Work server in local network (FreeBSD + PostgreSQL 8.2) - work >> system. >> >> I write client with Delphi 7 IDE and use Zeos Lib 6.6.2 >> (http://zeos.firmos.at/) for database access. >> >> When I tried to connect to server I recieve error message: "SQL Error: >> fe_sendauth: authentication type 5 not supported." >> After searching in internet I found solution: set authentication >> method "password" instead of "md5". >> In file pg_hba.conf on local machine I wrote: >> >> # TYPE DATABASE USER CIDR-ADDRESS METHOD >> host all all 127.0.0.1/32 password >> >> and on server: >> # TYPE DATABASE USER CIDR-ADDRESS METHOD >> host all all 192.168.3.0/24 password >> >> My IP-address in local network is 192.168.3.16... >> >> After that I can to connect to test PostgreSQL server on localhost, >> and connection works fine, but attempt to connect to work server >> finishes by >> same error message "SQL Error: fe_sendauth: authentication type 5 not >> supported." >> >> I tried to place string in pg_hba.conf on first and last positions, >> wrote names of databases and users instead of "all" but it doesn't >> work. >> > Understanding the net mask: > ---------------------------- > The IPv4 address is 32bits, arranged in 4 sets of 8 bits each. > The decimal range for an IP mask is 0.0.0.0-255.255.255.255. > The net mask defines how many bits need to match, counting from the left. > > For example a netmask /8 means the first 8 bits must exactly match, > for example 192.168.0.101/8 means all IPs beginning with 192 can > connect. > /16 means the: first 16 bits have to match that is the first two > numbers in the IP must match > e.g. 192.168.0.101/16 means that all IPs begining with 192.168 can > connect. > /32 means: the entire IP must match exactly for example > 192.168.0.101/32 means that only an IP exactly equal to 192.168.0.101 > may connect. > > How can we use it: > > # trust anyone attached to same machine as the database (no password > required) > host all all 127.0.0.1/32 trust > > # allow anyone to attach to any db FROM THIS ONE IP but require a > password encrypted via md5 > host all all 192.168.0.101/32 md5 > > Also note that the pg_hba.conf file is read only on server startup or > when the postmaster receives a SIGHUP signal. If you edit the file, > you must restart the server or SIGHUP the postmaster for the changes > to take effect. > > You can use > > pg_ctl reload -D /usr/local/pgsql/data > Note: /usr/local/pgsql/data is a Linux path to the database, use > equivalent for windows. The pg_ctl program is in the postgres bin > directory. > > See this link for more info: > http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html > > --Cheers, > HH >> As I understand, my main problem is to force PostgreSQL server allow >> me to connect with password authentication method, isn't it? And how I >> can do that? Sorry, got in a hurry and forgot to add some things: 1. Are you using ODBC to connect. If so, it could be that ODBC is having the problem with MD5. I don't know if ODBC has such problems, just a thought. 2. If you use password, you may have to change file postgresql.conf to include this setting: # (the default is on) password_encryption = off If you change this, you may also have to reset the users' passwords so that they are stored in plain text i.e. non-encrypted. 3. How did you create users and assign passwords. Did you encrypt them? You may want to review this: http://www.postgresql.org/docs/8.0/interactive/sql-createuser.html --Cheers, HH >> >> P. S. Sorry for poor english... >> >> >> > > -- H. Hall ReedyRiver Group LLC http://www.reedyriver.com