PostgreSQL Connection and Authorization Information

Article Applicability This article provides general information regarding PostgreSQL configuration and connectivity. The details are based on and tested exclusively with Windows-based PostgreSQL instances installed by Veeam products such as Veeam Backup & Replication, Veeam ONE, and Veeam Backup...

openGauss: Restricting the Permission for the pg_hba.conf File

The configuration file pghba.conf stores the configuration information about database connections. To prevent the parameters in the file from being tampered and protect customer information from security threats, this file directory must be protected and deny unauthorized user access. Copyright C...

GaussDB Kernel: Setting Source IP Address for host Entries in the pg_hba.conf File

If source IP address is set to all or 0.0.0.0/0 for host entries, any IP addresses can access the database. You are advised to set source IP address for host entries to the IP address that needs to connect to the database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be...

GaussDB Kernel: Setting user for host Entries in the pg_hba.conf File

If user is set to all for host entries, any users are allowed to access the database. You are advised to set user for host entries to the user who needs to connect to the database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and ar...

GaussDB Kernel: Prohibiting host Entries (Except Intra-Cluster Nodes) from Using Trust Authentication in the pg_hba.conf File

Cluster nodes are deployed on the secure intranet. Only the communications between intra-cluster nodes are allowed to use trust authentication. Trust authentication assumes that all users who can connect to the cluster server nodes can access the database. This method is applied only when all use...

GaussDB Kernel: Setting database for host Entries in the pg_hba.conf File

If database is set to all for host entries, connected users are allowed to access any database. You are advised to set database for host entries to the database to be Connected. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are...

GaussDB Kernel: Configuring Node Connections in the pg_hba.conf File of DNs in the Cluster

Cluster nodes are deployed on the secure intranet. A DN allows communications only within the cluster. The pghba.conf file of a DN stores only configurations of intra-cluster node connections and trusted internal security connections. Copyright C 2020 Greenbone Networks GmbH Some text description...

GaussDB Kernel: Deleting hostnossl Entries from the pg_hba.conf File

The connections specified by the hostnossl entries are not encrypted using SSL. Considering security, you are advised to use the SSL connection. SSL can be used for connections between the CN and external nodes but not for connections between internal nodes. Copyright C 2020 Greenbone Networks Gm...

GaussDB Kernel: Checking All Local Entries Using Trust Authentication in the pg_hba.conf File

Trust authentication assumes that all users who can connect to the server can access the database. This method is convenient on single-user workstations but unsuitable for multi-user machines. As a result, you are advised to check all local entries that use trust authentication. Copyright C 2020...

GaussDB Kernel: Restricting the Permission for the pg_hba.conf File

The configuration file pghba.conf stores the configuration information about database connections. To prevent the parameters in the file from being tampered and protect customer information from security threats, this file directory must be protected and deny unauthorized user access. Copyright C...

openGauss: Setting database for host Entries in the pg_hba.conf File

If database is set to all for host entries, connected users are allowed to access any database. You are advised to set database for host entries to the database to be Connected. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are...

openGauss: Setting Source IP Address for host Entries in the pg_hba.conf File

If source IP address is set to all or 0.0.0.0/0 for host entries, any IP addresses can access the database. You are advised to set source IP address for host entries to the IP address that needs to connect to the database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be...

openGauss: Configuring Node Connections in the pg_hba.conf File of the Database Node in openGauss

openGauss nodes are deployed on the secure intranet. Database nodes cannot be connected to or accessed through the internet. They can be connected only to nodes in the openGauss. The pghba.conf file of the database nodes stores only configurations of intra-openGauss node connections and trusted...

openGauss: Setting user for host Entries in the pg_hba.conf File

If user is set to all for host entries, any users are allowed to access the database. You are advised to set user for host entries to the user who needs to connect to the database. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and ar...

openGauss: Checking All Local Entries Using Trust Authentication in the pg_hba.conf File

Trust authentication assumes that all users who can connect to the server can access the database. This method is convenient on single-user workstations but unsuitable for multi-user machines. As a result, you are advised to check all local entries that use trust authentication. Copyright C 2020...

openGauss: Deleting hostnossl Entries from the pg_hba.conf File

The connections specified by the hostnossl entries are not encrypted using SSL. Considering security, you are advised to use the SSL connection. SSL can be used for connections between the CN and external nodes but not for connections between internal nodes. Copyright C 2020 Greenbone Networks Gm...

openGauss: Prohibiting host Entries from Using MD5 Authentication in the pg_hba.conf File

MD5 authentication is insecure. You are advised to use SHA256 authentication. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...

openGauss: Prohibiting host Entries (Except Intra-openGauss Nodes) from Using Trust Authentication in the pg_hba.conf File

openGauss nodes are deployed on the secure intranet. Only the communications between intra-openGauss nodes are allowed to use trust authentication. Trust authentication assumes that all users who can connect to the openGauss server nodes can access the database. This method is applied only when a...

Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords

Greetings, There appears to be some deficiencies in both the documentation of the 'md5' authentication methology in pghba.conf and in the md5 hash generation which is stored in pgshadow. The md5 hash which is generated for and stored in pgshadow does not use a random salt but instead uses the...

@(#)Mordred Labs advisory - Remote DoS in PostgreSQL <= 7.2.2

-----BEGIN PGP SIGNED MESSAGE----- //@ Mordred Labs advisory 0x0007 Release date: August 26, 2002 Name: Remote DoS condition in PostgreSQL Versions affected: = 7.2.2 Conditions: entry in a pghba.conf file that matches attacker's host. Risk: average Author: Sir Mordred http://mslabs.iwebland.com I...