On 11/22/23 10:03 AM, Atul Kumar wrote:
Please can you share any command for due diligence whether ip is resolved to ipv6 ?.
This: psql -d postgres -U postgres -p 5432 -h localhost where pretty sure /etc/hosts is resolving localhost --> ::1
On Wed, Nov 22, 2023 at 11:25 PM Andreas Kretschmer <[email protected]> wrote:Am 22.11.23 um 18:44 schrieb Atul Kumar: > I am giving this command > psql -d postgres -U postgres -p 5432 -h localhost > Then only I get that error. so localhost resolved to an IPv6 - address ... > > but when I pass ip or hostname of the local server then I don't get > such error message > 1. psql -d postgres -U postgres -p 5432 -h <ip of local server> > 2. psql -d postgres -U postgres -p 5432 -h <hostname of local server> resolves to an IPv4 - address. you can see the difference? localhost != iv4-address != hostname with ipv4 address Andreas > > > I don;t get that error while using the above two commands. > > > Regards. > > > On Wed, Nov 22, 2023 at 10:45 PM Adrian Klaver > <[email protected]> wrote: > > On 11/22/23 09:03, Atul Kumar wrote: > > The entries that I changed were to replace the md5 with > scram-sha-256 > > and remove unnecessary remote IPs. > > FYI from: > > https://www.postgresql.org/docs/current/auth-password.html > > md5 > > The method md5 uses a custom less secure challenge-response > mechanism. It prevents password sniffing and avoids storing > passwords on > the server in plain text but provides no protection if an attacker > manages to steal the password hash from the server. Also, the MD5 > hash > algorithm is nowadays no longer considered secure against determined > attacks. > > The md5 method cannot be used with the db_user_namespace feature. > > To ease transition from the md5 method to the newer SCRAM > method, > if md5 is specified as a method in pg_hba.conf but the user's > password > on the server is encrypted for SCRAM (see below), then SCRAM-based > authentication will automatically be chosen instead. > > > > > But it has nothing to do with connecting the server locally with > "psql > > -d postgres -U postgres -h localhost" > > The error: > > no pg_hba.conf entry for host "::1", user "postgres", database > "postgres > > > says it does and the error is correct as you do not have an IPv6 > entry > for localhost in pg_hba.conf. At least in the snippet you showed us. > > > > > > But when I try to connect it locally I get this error. So it is > related > > When you say connect locally do you mean to localhost or to > local(socket)? > > > to local connections only and when I pass the hostname or ip of the > > server it works fine without any issue. > > > > > > Regards. > > > > -- > Adrian Klaver > [email protected] >-- Andreas Kretschmer - currently still (garden leave)Technical Account Manager (TAM) www.enterprisedb.com <http://www.enterprisedb.com>
