没有主机的pg_hba.conf条目

当我尝试使用DBI连接时出现以下错误

DBI connect('database=chaosLRdb;host=192.168.0.1;port=5433','postgres',...) 
failed: FATAL:  no pg_hba.conf entry for host "192.168.0.1", user "postgres", database "chaosLRdb", SSL off

这是我的pg_hba.conf文件:

# "local" is for Unix domain socket connections only
local   all         all                               md5
# IPv4 local connections:
host    all         all         127.0.0.1/32          md5
# IPv6 local connections:
host    all         all         ::1/128               md5

host    all         postgres    127.0.0.1/32          trust

host    all        postgres     192.168.0.1/32        trust

host    all        all         192.168.0.1/32        trust

host    all        all         192.168.0.1/128        trust

host    all        all         192.168.0.1/32        md5

host    chaosLRdb    postgres         192.168.0.1/32      md5
local    all        all         192.168.0.1/32        trust

我的perl代码是

#!/usr/bin/perl-w
use DBI;
use FileHandle;

print "Start connecting to the DB...\n";

@ary = DBI->available_drivers(true);
%drivers = DBI->installed_drivers();
my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433", "postgres", "chaos123");

我可以知道我想念的是什么吗？

1> Gray..：

---

在你的pg_hba.conf文件中,我看到一些不正确和令人困惑的行:

# fine, this allows all dbs, all users, to be trusted from 192.168.0.1/32
# not recommend because of the lax permissions
host    all        all         192.168.0.1/32        trust

# wrong, /128 is an invalid netmask for ipv4, this line should be removed
host    all        all         192.168.0.1/128       trust

# this conflicts with the first line
# it says that that the password should be md5 and not plaintext
# I think the first line should be removed
host    all        all         192.168.0.1/32        md5

# this is fine except is it unnecessary because of the previous line
# which allows any user and any database to connect with md5 password
host    chaosLRdb  postgres    192.168.0.1/32        md5

# wrong, on local lines, an IP cannot be specified
# remove the 4th column
local   all        all         192.168.0.1/32        trust

我怀疑如果你输入了密码,如果修剪线条,这可能会有用.要获取md5,您可以使用perl或以下shell脚本:

 echo -n 'chaos123' | md5sum
 > d6766c33ba6cf0bb249b37151b068f10  -

那么你的连线就像这样:

my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433",
    "chaosuser", "d6766c33ba6cf0bb249b37151b068f10");

有关更多信息,请参阅postgres 8.X的pg_hba.conf文件的文档.

2> 小智..：

---

如果你可以改变这一行:

host    all        all         192.168.0.1/32        md5

有了这个:

host    all        all         all                   md5

你可以看看这是否解决了这个问题.

但另一个考虑因素是你的postgresql端口(5432)对黑客的密码攻击非常开放(也许他们可以强制密码).您可以将postgresql端口5432更改为"33333"或其他值,以便他们无法知道此配置.

3> adam..：

---

你的postgres服务器配置似乎是正确的

host    all         all         127.0.0.1/32          md5
host    all         all         192.168.0.1/32        trust

应该授予从客户端到postgres服务器的访问权限.所以这让我相信用户名/密码失败了.

通过为该数据库创建特定用户来测试它

createuser -a -d -W -U postgres chaosuser

然后调整perl脚本以使用新创建的用户

my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433", "chaosuser", "chaos123");

---

他收到有关缺少pg_hba.conf行的错误这一事实意味着它尚未检查密码.