Re: [HACKERS] Login into PostgreSQL without password

[Christoph Berg]

Re: Murtuza Zabuawala 2016-05-26 

> Hi,
> 
> I have created a role using below sql, then I disconnected & try to login
> into postgres db with newly created user "test_role", It prompt for
> password and I pressed Enter key because I did not provided any password
> when I created role so it throw me an error as below *Error: fe_sendauth:
> no password supplied.*
> 
> Can someone please explain this behaviour of postgreSQL database, where I'm
> not allowed to login without password even if I do not have password set
> for "test_role" user?

"Without password" doesn't mean "can log in without a password", but
rather "doesn't have a valid password". You will have to configure
pg_hba.conf to let you in by other means. (peer, trust, or the
oh-so-deprecated "ident".)

> The work around is I had to manually edit pg_hba conf and change
> authentication method to trust for this user so that i can login without
> password.
> 
> And If that's how postgreSQL authentication works, then can we add a
> mechanism to disallow user to create role without password if running with
> md5 authentication mode?

No. There's legitimate uses for roles without passwords, e.g. roles
that act as user groups. (And there's no such thing as "running with
md5", as there's usually various authentication methods configured in
pg_hba.conf.)

Christoph


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

[HACKERS] Login into PostgreSQL without password

[Murtuza Zabuawala]

Hi,

I have created a role using below sql, then I disconnected & try to login
into postgres db with newly created user "test_role", It prompt for
password and I pressed Enter key because I did not provided any password
when I created role so it throw me an error as below *Error: fe_sendauth:
no password supplied.*

Can someone please explain this behaviour of postgreSQL database, where I'm
not allowed to login without password even if I do not have password set
for "test_role" user?

The work around is I had to manually edit pg_hba conf and change
authentication method to trust for this user so that i can login without
password.

And If that's how postgreSQL authentication works, then can we add a
mechanism to disallow user to create role without password if running with
md5 authentication mode?


*SQL Query used to create role:*

CREATE USER test_role WITH
LOGIN
SUPERUSER
CREATEDB
CREATEROLE
INHERIT
REPLICATION
CONNECTION LIMIT -1;


--
Regards,
Murtuza Zabuawala
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company