snippetsqlModerate
How do I login to a Postgres database without a password?
Viewed 0 times
withoutpostgresloginpassworddatabasehow
Problem
Right now my Postgres' pg_hba.conf file has the following lines:
(I know that this is insecure. I'm just testing, and once it is successful, I'll keep it only specific users & databases)
My understanding was that
But when I do
What do I need to do to allow users to connect without a password?
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
#Should allow connection without password
host all all 0.0.0.0/0 trust
host all all ::0/0 trust(I know that this is insecure. I'm just testing, and once it is successful, I'll keep it only specific users & databases)
My understanding was that
trust should allow a user to connect without a password.But when I do
psql -U postgres -d postgres -h 127.0.0.1 -w, I get the error message: psql: fe_sendauth: no password suppliedWhat do I need to do to allow users to connect without a password?
Solution
When
Quote from the manual
The first record with a matching connection type, client address, requested database, and user name is used to perform authentication. There is no “fall-through” or “backup”: if one record is chosen and the authentication fails, subsequent records are not considered
(Emphasis mine)
In your case the lines:
are matched before the
pg_hba.conf is checked for an authentication request, the first match determines the rule. Quote from the manual
The first record with a matching connection type, client address, requested database, and user name is used to perform authentication. There is no “fall-through” or “backup”: if one record is chosen and the authentication fails, subsequent records are not considered
(Emphasis mine)
In your case the lines:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5are matched before the
trust lines you have added, therefor Postgres requires a password. If you want to disable password authentication completely you have to disable the md5 authentication, e.g. by commenting those lines.Code Snippets
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5Context
StackExchange Database Administrators Q#205144, answer score: 10
Revisions (0)
No revisions yet.