Thread

  1. Login into PostgreSQL without password

    Murtuza Zabuawala <murtuza.zabuawala@enterprisedb.com> — 2016-05-26T13:21:26Z

    Hi,
    
    I have created a role using below sql, then I disconnected & try to login
    into postgres db with newly created user "test_role", It prompt for
    password and I pressed Enter key because I did not provided any password
    when I created role so it throw me an error as below *Error: fe_sendauth:
    no password supplied.*
    
    Can someone please explain this behaviour of postgreSQL database, where I'm
    not allowed to login without password even if I do not have password set
    for "test_role" user?
    
    The work around is I had to manually edit pg_hba conf and change
    authentication method to trust for this user so that i can login without
    password.
    
    And If that's how postgreSQL authentication works, then can we add a
    mechanism to disallow user to create role without password if running with
    md5 authentication mode?
    
    
    *SQL Query used to create role:*
    
    CREATE USER test_role WITH
    LOGIN
    SUPERUSER
    CREATEDB
    CREATEROLE
    INHERIT
    REPLICATION
    CONNECTION LIMIT -1;
    
    
    --
    Regards,
    Murtuza Zabuawala
    EnterpriseDB: http://www.enterprisedb.com
    The Enterprise PostgreSQL Company
    
  2. Re: Login into PostgreSQL without password

    Christoph Berg <myon@debian.org> — 2016-05-26T13:26:28Z

    Re: Murtuza Zabuawala 2016-05-26 <CAKKotZRGMdH3omD3GdW3LwA-AYbm4qY3+BKpXpfQMj9LDsFvtg@mail.gmail.com>
    > Hi,
    > 
    > I have created a role using below sql, then I disconnected & try to login
    > into postgres db with newly created user "test_role", It prompt for
    > password and I pressed Enter key because I did not provided any password
    > when I created role so it throw me an error as below *Error: fe_sendauth:
    > no password supplied.*
    > 
    > Can someone please explain this behaviour of postgreSQL database, where I'm
    > not allowed to login without password even if I do not have password set
    > for "test_role" user?
    
    "Without password" doesn't mean "can log in without a password", but
    rather "doesn't have a valid password". You will have to configure
    pg_hba.conf to let you in by other means. (peer, trust, or the
    oh-so-deprecated "ident".)
    
    > The work around is I had to manually edit pg_hba conf and change
    > authentication method to trust for this user so that i can login without
    > password.
    > 
    > And If that's how postgreSQL authentication works, then can we add a
    > mechanism to disallow user to create role without password if running with
    > md5 authentication mode?
    
    No. There's legitimate uses for roles without passwords, e.g. roles
    that act as user groups. (And there's no such thing as "running with
    md5", as there's usually various authentication methods configured in
    pg_hba.conf.)
    
    Christoph