lundi 22 février 2010

Enabling Remote Access pgsql

If you wish to enable remote access, modify the cluster settings. The configuration files for each cluster are in the directory /etc/postgresql/version/clustername/, e.g. /etc/postgresql/8.1/main/.
Edit the file postgresql.conf, and remove the comment marker on the line for the listen_addresses setting, so that it reads:
listen_addresses = '*'
Open the file pg_hba.conf:
# nano /etc/postgresql/8.1/main/pg_hba.conf
To permit users to connect from remote systems on your network with any role, add this line:
host all all 192.168.1.0/24  md5
Replace 192.168.1.0/24 with the appropriate subnet definition for your network.
This enables md5 authentication, which means that login roles are secured with passwords that PostgreSQL itself stores in an encrypted form, and that PostgreSQL will require a valid password for any remote connection to use a role. After you make this change, ident authentication remains enabled for local logins.
You may, of course, change the local line in pg_hba.conf to disable ident authentication. Make sure that you can actually login to your PostgreSQL cluster with the postgres role and a password first!
To make your changes take effect, restart the service:
# /etc/init.d/postgresql-8.1 restart
Once the service restarts, you may access your PostgreSQL service from remote systems, either using tools such as psql or pgAdmin III, or with applications that support SQL. The Debian version of PostgreSQL is configured to automatically protect network connections with SSL, so that all communication between the server and remote clients is encrypted.
By default, the postgres system account on Debian is locked, and you should not unlock it. Cracking tools now try to use postgres, root, and other well-known system account names when they attempt to gain access to UNIX-like operating systems.
Under no circumstance should you enable PostgreSQL ident authentication for any remote access. The ident system cannot safely verify or guarantee the identity of any user on a remote system.
Publié par à

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)

Talend Certified

Certification is awarded to individuals who successfully complete a comprehensive online test covering all aspects of the use of Talend Open Studio in real-life situations. Clients trusting a systems integrator to implement a solution want to be reassured that the consultants are indeed experts in the technology. Talend certification gives them this level of assurance.

Qui êtes-vous ?

Paris, Île de France, France
I'm a textbook computer geek, who has a keen interest in programming, GIS and mapping.

Linux News

Wikipedia

Mission Topographique

Mission Topographique
Promo6 Mastére Géomatique

Talend Blog

Liste de partage de geomatiLux

Libellés

Media préferé

  • www.talend.com

Le Groupe CLLFST

Le Groupe CLLFST
SFD 2007

CLLFST & INFO+

CLLFST & INFO+
SFD 2007