> On Sep 18, 2023, at 11:45 AM, Johnson, Bruce E - (bjohnson) > <john...@pharmacy.arizona.edu> wrote: > > I am doing some testing trying to migrate some websites from using Oracle to > Postgres. (Using Perl DBI and DBD::Pg as the connecting mechanism) > > (Server Environment Postgres 15 running on Ubuntu 22.04, client Rocky Linux > using the supplied PostgreSQL DBI and DBD::Pg packages) > > The error I am getting on the client is: > > password authentication failed for user "trav" > connection to server at "dhbpostgres.pharmacy.arizona.edu" (10.128.206.109), > port 5432 failed: FATAL: no pg_hba.conf entry for host "10.128.206.109", > user "trav", database "webdata", no encryption > > But I do have an entry that should allow it: > > #Internal server mgmt range > hostssl > all all > 10.128.206.0/23 password >
I might be missing something obvious, but your error says “no encryption”, while the pg_hba entry is “hostssl” indicating it will match encrypted connections only, so it doesn’t match. --- Israel Brewster Software Engineer Alaska Volcano Observatory Geophysical Institute - UAF 2156 Koyukuk Drive Fairbanks AK 99775-7320 Work: 907-474-5172 cell: 907-328-9145 > From the manual (pg 704, 21.1. The pg_hba.conf File): > > "An IP address range is specified using standard numeric notation for the > range's starting address, then a slash (/) and a CIDR mask length. The mask > length indicates the number of high-order bits of the client IP address that > must match. Bits to the right of this should be zero in the given IP address. > There must not be any white space between the IP address, the /, and the CIDR > mask length. > > Typical examples of an IPv4 address range specified this way are > 172.20.143.89/32 for a single host, or 172.20.143.0/24 for a small network, > or 10.6.0.0/16 for a larger one. " > > 10.128.206.109 is definitely in that range. > > The test script DOES work with my desktop running the same software, but I > have it set in pg_hba.conf as just my systems ip: > > hostssl > webdata > trav nnn.nnn.nnn.nnn/32 > password > > > (Ip address redacted because it is externally accessible) > > -- > Bruce Johnson > University of Arizona > College of Pharmacy > Information Technology Group > > Institutions do not have opinions, merely customs > >
