[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Default passwords for postgress

Hi Wayne,

The problem is that postgreSQL has little or no security by default, so it has
been set up to restrict access by password only.  This means that users without
a password (postgres being one) will not be able to connect at all.  At the
system level there is no reason for postgres to have a password, unless you
want to give access to this database superuser account to regular users.
If you modify /home/pgsql/pg_hba.conf and insert the following line (at the
start of the file--order matters in here):

local template1 trust

(the "template1" database is created by default with postgreSQL)
Then "su - postgres" and perform administrative tasks, like creating a password
entry from the account so you can lock down the database again and still
perform administrative tasks:

/usr/bin/psql -d template1 -c "ALTER USER postgres WITH PASSWORD pass"

When you are done remove/comment out the line added to pg_hba.conf above.  Then
if you want to connect to a database use the -u option.  For example to do
further admin tasks:

/usr/bin/psql -u template1
Username: postgres
Password: pass

template1=> CREATE USER example WITH PASSWORD examplepw;
template1=> CREATE DATABASE example;

And you can now connect to this database with:

/usr/bin/psql -u example
Username: example
Password: examplepw


I hope this was helpful...


[ On Fri, 28 Apr 2000, Wayne Killmer wrote: ]
] I am trying to setup a postgres database and need a few passwords.  Since 
] Postgres came installed on our RaQ3, I am guessing that there are some
] default passwords.
] 1.  I need the password for the linux postgress user.
] 2.  I need the password for the postgress admin user.
] 3.  I need the password for the postgres postgres user.
] Thanks in advance.
] Wayne