I am trying to get my proftpd working with mysql.
The user is being found in the DB but the password is failing
i create the password with the command
/bin/echo -n "password" | openssl dgst -binary -md5 | openssl enc -base64
I then paste that password in the db
this is the contents of the log file
mod_sql/4.2.5[13059]: query "SELECT userid, passwd, uid, gid, homedir, shell FROM ftpuser WHERE (userid='me') LIMIT 1"
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_select
mod_sql/4.2.5[13059]: user UID 48 below SQLMinUserUID 500, using SQLDefaultUID 65533
mod_sql/4.2.5[13059]: user GID 48 below SQLMinUserGID 500, using SQLDefaultGID 65533
mod_sql/4.2.5[13059]: user GID 48 below SQLMinUserGID 500, using SQLDefaultGID 65533
mod_sql/4.2.5[13059]: cache miss for user 'me'
mod_sql/4.2.5[13059]: user 'me' cached
mod_sql/4.2.5[13059]: + pwd.pw_name : me
mod_sql/4.2.5[13059]: + pwd.pw_uid : 65533
mod_sql/4.2.5[13059]: + pwd.pw_uid : 65533
mod_sql/4.2.5[13059]: + pwd.pw_gid : 65533
mod_sql/4.2.5[13059]: + pwd.pw_shell : /sbin/nologin
mod_sql/4.2.5[13059]: + pwd.pw_shell : /sbin/nologin
mod_sql/4.2.5[13059]: <<< cmd_getpwnam
mod_sql/4.2.5[13059]: >>> cmd_gid2name
mod_sql/4.2.5[13059]: cache miss for GID '65533'
mod_sql/4.2.5[13059]: cache miss for GID '65533'
mod_sql/4.2.5[13059]: : entering mysql cmd_select
mod_sql/4.2.5[13059]: entering mysql cmd_open
mod_sql/4.2.5[13059]: connection 'default' count is now 2
mod_sql/4.2.5[13059]: exiting mysql cmd_open
mod_sql/4.2.5[13059]: query "SELECT groupname FROM groups WHERE (gid = 65533) LIMIT 1"
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_select
mod_sql/4.2.5[13059]: <<< cmd_gid2name
mod_sql/4.2.5[13059]: exiting mysql cmd_select
mod_sql/4.2.5[13059]: <<< cmd_gid2name
mod_sql/4.2.5[13059]: >>> cmd_getgroups
mod_sql/4.2.5[13059]: cache hit for user 'me'
mod_sql/4.2.5[13059]: cache miss for GID '65533'
mod_sql/4.2.5[13059]: cache hit for user 'me'
mod_sql/4.2.5[13059]: cache miss for GID '65533'
mod_sql/4.2.5[13059]: : entering mysql cmd_select
mod_sql/4.2.5[13059]: entering mysql cmd_open
mod_sql/4.2.5[13059]: connection 'default' count is now 2
mod_sql/4.2.5[13059]: exiting mysql cmd_open
mod_sql/4.2.5[13059]: query "SELECT groupname FROM groups WHERE (gid = 65533) LIMIT 1"
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_select
mod_sql/4.2.5[13059]: exiting mysql cmd_select
mod_sql/4.2.5[13059]: entering mysql cmd_escapestring
mod_sql/4.2.5[13059]: entering mysql cmd_open
mod_sql/4.2.5[13059]: entering mysql cmd_open
mod_sql/4.2.5[13059]: connection 'default' count is now 2
mod_sql/4.2.5[13059]: exiting mysql cmd_open
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_escapestring
mod_sql/4.2.5[13059]: : entering mysql cmd_select
mod_sql/4.2.5[13059]: entering mysql cmd_open
mod_sql/4.2.5[13059]: connection 'default' count is now 2
mod_sql/4.2.5[13059]: exiting mysql cmd_open
mod_sql/4.2.5[13059]: query "SELECT groupname, gid, members FROM groups WHERE (members = 'me' OR members LIKE 'me,%' OR members LIKE '%,me' OR members LIKE '%,me,%')"
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_select
mod_sql/4.2.5[13059]: <<< cmd_getgroups
mod_sql/4.2.5[13059]: <<< cmd_getgroups
mod_sql/4.2.5[13059]: >>> cmd_auth
mod_sql/4.2.5[13059]: entering mysql cmd_escapestring
mod_sql/4.2.5[13059]: entering mysql cmd_escapestring
mod_sql/4.2.5[13059]: entering mysql cmd_open
mod_sql/4.2.5[13059]: connection 'default' count is now 2
mod_sql/4.2.5[13059]: exiting mysql cmd_open
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' count is now 1
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_escapestring
mod_sql/4.2.5[13059]: cache hit for user 'me'
mod_sql/4.2.5[13059]: cache hit for user 'me'
mod_sql/4.2.5[13059]: >>> cmd_check
mod_sql/4.2.5[13059]: checking password using SQLAuthType 'OpenSSL'
mod_sql/4.2.5[13059]: no digest found in password hash
mod_sql/4.2.5[13059]: no digest found in password hash
mod_sql/4.2.5[13059]: 'OpenSSL' SQLAuthType handler reports failure
mod_sql/4.2.5[13059]: checking password using SQLAuthType 'Crypt'
mod_sql/4.2.5[13059]: checking password using SQLAuthType 'Crypt'
mod_sql/4.2.5[13059]: 'Crypt' SQLAuthType handler reports failure
mod_sql/4.2.5[13059]: <<< cmd_check
mod_sql/4.2.5[13059]: <<< cmd_auth
mod_sql/4.2.5[13059]: entering mysql cmd_exit
mod_sql/4.2.5[13059]: entering mysql cmd_close
mod_sql/4.2.5[13059]: connection 'default' closed
mod_sql/4.2.5[13059]: connection 'default' count is now 0
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_exit
mod_sql/4.2.5[13059]: exiting mysql cmd_close
mod_sql/4.2.5[13059]: exiting mysql cmd_exit
I assume this is the key but not much luck past here
mod_sql/4.2.5[13059]: checking password using SQLAuthType 'OpenSSL'
mod_sql/4.2.5[13059]: no digest found in password hash
mod_sql/4.2.5[13059]: no digest found in password hash
mod_sql/4.2.5[13059]: 'OpenSSL' SQLAuthType handler reports failure
any help/ideas would be greatly appreciated
you need to add to your passwd value the digest format, something like
{md5}X03MO1qnZdYdgyfeuILPmQ==, the {md5} value is missing in your password string
Related
11:06:04.676 [error] GenServer #PID<0.290.0> terminating
** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification) Ident authentication failed for user "postgres"
(db_connection 2.4.1) lib/db_connection/connection.ex:100: DBConnection.Connection.connect/2
(connection 1.1.0) lib/connection.ex:622: Connection.enter_connect/5
(stdlib 3.17) proc_lib.erl:226: :proc_lib.init_p_do_apply/3
Last message: nil
State: Postgrex.Protocol
11:06:04.695 [error] GenServer #PID<0.297.0> terminating
** (Postgrex.Error) FATAL 28000 (invalid_authorization_specification) Ident authentication failed for user "postgres"
(db_connection 2.4.1) lib/db_connection/connection.ex:100: DBConnection.Connection.connect/2
(connection 1.1.0) lib/connection.ex:622: Connection.enter_connect/5
(stdlib 3.17) proc_lib.erl:226: :proc_lib.init_p_do_apply/3
Last message: nil
State: Postgrex.Protocol
** (Mix) The database for Helloworld.Repo couldn't be created: killed
I already tried everything. I am on Fedora 35, i did all that the official Fedora PostgreSQL docs said. I changed the pg_hba.conf for this:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
I setted a password for the user postgres, i initialize it, and nothing happens.
I browsed through some 10 questions here on StackOverflow and none of the solutions works.
Any help?
Simply replace ident with md5 in pg_hba.conf and reload PostgreSQL, then you can use password authentication for localhost connections.
I'm getting too many connections for database error. But there's only 6 active connections to the entire Postgres RDS Server.
Npgsql.PostgresException (0x80004005): 53300: too many connections for
database "db_name"
Max Connections: 300
Active Connections: 6
SELECT * FROM pg_stat_activity where datname = 'dbname'; is getting empty
I'm trying to configure pgpool as the load balancer for my Postgres cluster.
I have two postgres nodes, 1 master and 1 slave.
My pg_hba.conf looks like
hostssl user mydb 1.1.1.1/32 md5
hostssl user postgres 1.1.1.1/32 md5
host user mydb 1.1.1.1/32 md5
host user postgres 1.1.1.1/32 md5
where 1.1.1.1/32 is my actual pgpool server IP.
If I try to establish a connection to ether master or slave using psql right from the pgpool container, I can do it without any problems.
But when I start pgpool I got this error message:
2021-10-26 13:50:13: pid 753: ERROR: backend authentication failed
2021-10-26 13:50:13: pid 753: DETAIL: backend response with kind 'E' when expecting 'R'
2021-10-26 13:50:13: pid 753: HINT: This issue can be caused by version mismatch (current version 3)
2021-10-26 13:50:13: pid 736: ERROR: backend authentication failed
2021-10-26 13:50:13: pid 736: DETAIL: backend response with kind 'E' when expecting 'R'
2021-10-26 13:50:13: pid 736: HINT: This issue can be caused by version mismatch (current version 2)
If I edit pool_passwd file and set some invalid password I got a proper error
2021-10-26 13:59:03: pid 736: ERROR: md5 authentication failed
2021-10-26 13:59:03: pid 736: DETAIL: password does not match
So I guess that's not a problem with my postgres credentials.
Any ideas?
While I am installing Documentum content server on AWS EKS, I am receiving this Error.
Postgress DB is installed on EC2 VM.
14:20:47,013 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerModifyDocbaseDirectory
- The installer will create the folder structure for repository postgres. 14:20:47,021 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerPasswordFileGenerator
- The installer is generating database password file... 14:20:47,111 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerIniGenerator
- The installer will create server.in file for repository postgres. 14:20:47,152 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCreateTableSpaceScriptGenerator
- The installer will create scripts to for Postgresql Database. 14:20:47,152 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCreateTableSpaceScriptGenerator
- The URL is jar:file:/tmp/install.dir.208/InstallerData/installer.zip!/dm_CreateTableSpace.sql 14:20:47,209 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCopyDeleteTableSpaceScript
- The installer will move file /opt/dctm/dba/config/postgres/dm_DeleteTableSpace.sql to a new location /opt/dctm/server_uninstall/delete_db/postgres/dm_DeleteTableSpace.sql. 14:20:47,214 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerCreateTableSpace
- The installer is executing the : Creating the database script. 14:20:47,355 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerWebCacheIniGenerator
- The installer will create webcache.ini file for the repository. 14:20:47,394 INFO [main] com.documentum.install.server.installanywhere.actions.DiWAServerTestServerIni
- The installer is testing the database connection information 14:20:47,395 INFO [main] com.documentum.install.server.common.services.db.DiServerPostgresqlServer
- The installer is validating the database connection information in the server.ini file. 14:20:47,563 ERROR [main] com.documentum.install.server.installanywhere.actions.DiWAServerTestServerIni
- Docbase could not connect to the database. Please check output file for more information: /tmp/291406.tmp/DBTestResult18051870723865753931.tmp com.documentum.install.shared.common.error.DiException: Docbase could not connect to the database. Please check output file for more information: /tmp/291406.tmp/DBTestResult18051870723865753931.tmp
This is log of dm_CreateTableSpace.out
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:1: ERROR: role "postgres" already exists
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:3: ERROR: zero-length delimited identifier at or near """"
LINE 1: GRANT "postgres" TO "";
^
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:6: ERROR: database "dm_postgres_docbase" already exists
ALTER DATABASE
GRANT
psql:/opt/dctm/dba/config/postgres/dm_CreateTableSpace.sql:9: ERROR: zero-length delimited identifier at or near """"
LINE 1: REVOKE "postgres" FROM "";
^
You are now connected to database "dm_postgres_docbase" as user "postgres".
CREATE SCHEMA
SET
GRANT
GRANT
GRANT
I don't understand how to make it working.
Even I am facing issues with Postgres RDS Instant i.e.
GRANT "postgres" TO ""
The log is getting generated on PostgreSQL ec2 instance
2021-07-20 11:53:46.434 UTC [7854] dctm#dm_dctm_docbase FATAL:
password authentication fail
ed for user "dctm" 2021-07-20 11:53:46.434 UTC [7854]
dctm#dm_dctm_docbase DETAIL: Role "dctm" does not exist.
Connection matched pg_hba.conf line 99: "host all all 172
.16.0.0/16 md5" 2021-07-20 11:53:46.436 UTC [7855]
dctm#dm_dctm_docbase FATAL: password authentication fail
ed for user "dctm" 2021-07-20 11:53:46.436 UTC [7855]
dctm#dm_dctm_docbase DETAIL: Role "dctm" does not exist.
Connection matched pg_hba.conf line 99: "host all all 172
.16.0.0/16 md5" 2021-07-20 11:53:49.056 UTC [7857]
postgres#postgres ERROR: zero-length delimited identifie
r at or near """" at character 17 2021-07-20 11:53:49.056 UTC [7857]
postgres#postgres STATEMENT: GRANT "dctm" TO ""; 2021-07-20
11:53:49.145 UTC [7857] postgres#postgres ERROR: zero-length
delimited identifie
r at or near """" at character 20 2021-07-20 11:53:49.145 UTC [7857]
postgres#postgres STATEMENT: REVOKE "dctm" FROM ""; password
authentication fail ed for user "dctm" 2021-07-20
11:53:46.434 UTC [7854] dctm#dm_dctm_docbase DETAIL: Role "dctm" does
not exist.
I am using PostgreSQL superuser login and is working fine with cli.
updated the value in heml chart i.e values.yaml for documentum : content-server.
Every time you try to re-run the install you should completely delete everything. It looks like Postgres has the tablespace already created and that's why the test is failing
I have tried a lot but did't get exact knowledge to copy which files to client side
Getting error " Valid authentication certificate required"
Below is postgres DB server directory
total 80
skipping unwanted directory
-rw-------. 1 postgres postgres 1285 Feb 13 20:16 rootCA.crt
-rw-------. 1 postgres postgres 1168 Feb 13 20:16 server.crt
-rw-------. 1 postgres postgres 1679 Feb 13 20:17 server.key
Below is postgresql.conf file content related to SSL configuration.
[postgres#munmvs2951 raj]$ cat postgresql.conf | grep ssl
ssl = on # (change requires restart)
ssl_ciphers = 'HIGH:MEDIUM:+3DES:!aNULL' # allowed SSL ciphers
#ssl_prefer_server_ciphers = on # (change requires restart)
#ssl_ecdh_curve = 'prime256v1' # (change requires restart)
#ssl_renegotiation_limit = 512MB # amount of data between renegotiations
ssl_cert_file = 'server.crt' # (change requires restart)
ssl_key_file = 'server.key' # (change requires restart)
ssl_ca_file = 'rootCA.crt' # (change requires restart)
#ssl_crl_file = '' # (change requires restart)
Below is the pg_hba file.
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres trust
#host replication postgres 127.0.0.1/32 trust
#host replication postgres ::1/128 trust
#secure client
hostssl postgres postgres clientip/32 md5 clientcert=1
Below is the client side PostgreSQL user home directory from where psql will connect to server.
[postgres#clinet ~]$ ll
total 32
-rw------- 1 postgres postgres 1168 Feb 15 10:27 client.crt
-rw------- 1 postgres postgres 989 Feb 15 10:27 client.csr
-rw------- 1 postgres postgres 1285 Feb 15 11:47 rootCA.crt
-rw------- 1 postgres postgres 1675 Feb 15 11:47 rootCA.key
-rw------- 1 postgres postgres 17 Feb 15 11:47 rootCA.srl
-rw------- 1 postgres postgres 1168 Feb 15 11:47 server.crt
-rw------- 1 postgres postgres 989 Feb 15 11:47 server.csr
-rw------- 1 postgres postgres 1679 Feb 15 11:47 server.key
[postgres#client ~]$ pwd
/home/postgres
when i going to connect, getting below error.
[postgres#client ~]$ /opt/PostgresPlus/9.4AS/bin/psql -U postgres -p5443 -hserverip
psql.bin: FATAL: connection requires a valid client certificate
FATAL: no pg_hba.conf entry for host "10.80.x.x", user "postgres", database "postgres", SSL off
However, I can access without clientcert=1 in pg_hba file.
Ref:
[postgres#client ~]$ /opt/PostgresPlus/9.4AS/bin/psql -U postgres -p5443 -hserverip
psql.bin (9.4.1.3)
SSL connection (protocol: TLSv1.2, cipher: ECDHE-RSA-AES256-GCM-SHA384, bits: 256, compression: off)
Type "help" for help.
postgres=#
In above successful connection, i think ssl checking only at server side not client side.
but i want to know which files should i copy to PostgreSQL home directory #client side. to check certificate as per clientcert=1
Thanks for your help.
See https://www.postgresql.org/docs/current/libpq-ssl.html
Below is the client side PostgreSQL user home directory from where psql will connect to server
They do not belong in the home directory, they belong in a subdirectory of the home directory named .postgresql. Or in Windows, in a directory named "%APPDATA% \ postgresql". And file rootCA.crt has to be named root.crt, unless you have gone out of your way to change the name/location on the client side configuration, which it doesn't seem you have done (you have changed it on the server side, but that doesn't change it on the client side). And client.crt should be named postgresql.crt and you are missing the key file for it. And the fact that you have a file named rootCA.key in the client's directory is frightening, no one but the CA should have access to that.