无法在 AWS ec2 上更改 postgres 10.4 用户密码
can't change postgres 10.4 user password on AWS ec2
我想为我在 Amazon Linux ec2 服务器上设置的 psql 数据库添加密码保护。我只希望数据库可以通过服务器实例访问(我通过腻子连接到服务器),并且只需要密码验证。
以前,我的 pg_hba.conf(位于 /var/lib/pgsql/data/)看起来像这样(用户:全部,方法:信任):
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all postgres trust
# IPv4 local connections:
host all postgres 127.0.0.1/32 trust
# IPv6 local connections:
host all postgres ::1/128 trust
# replication privilege.
local replication postgres trust
host replication postgres 127.0.0.1/32 trust
host replication postgres ::1/128 trust
为了保护它,我将其更改为(用户:postgres,方法:scram-sha-256):
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all scram-sha-256
# IPv4 local connections:
host all all 127.0.0.1/32 scram-sha-256
# IPv6 local connections:
host all all ::1/128 scram-sha-256
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all scram-sha-256
host replication all 127.0.0.1/32 scram-sha-256
host replication all ::1/128 scram-sha-256
为了设置密码,我使用了(进入 postgres 终端):
[ec2-user@AWS]: sudo -u postgres psql
然后我运行:
postgres=# ALTER ROLE postgres PASSWORD 'new_password';
我收到:
ALTER ROLE
然后当我退出 postgres 终端并更改为 postgres 用户时:
[ec2-user@AWS]: su - postgres
系统提示我输入密码。
我输入之前的设置:
Password: 'new_password'
我得到:
su: Authentification failure
我错过了什么..?
您必须将 password_encryption 设置为 scram-sha-256 并在更改密码之前重新加载服务器。 scram-sha-256 身份验证仅适用于 scram-sha-256 散列密码。
我想为我在 Amazon Linux ec2 服务器上设置的 psql 数据库添加密码保护。我只希望数据库可以通过服务器实例访问(我通过腻子连接到服务器),并且只需要密码验证。
以前,我的 pg_hba.conf(位于 /var/lib/pgsql/data/)看起来像这样(用户:全部,方法:信任):
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all postgres trust
# IPv4 local connections:
host all postgres 127.0.0.1/32 trust
# IPv6 local connections:
host all postgres ::1/128 trust
# replication privilege.
local replication postgres trust
host replication postgres 127.0.0.1/32 trust
host replication postgres ::1/128 trust
为了保护它,我将其更改为(用户:postgres,方法:scram-sha-256):
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all scram-sha-256
# IPv4 local connections:
host all all 127.0.0.1/32 scram-sha-256
# IPv6 local connections:
host all all ::1/128 scram-sha-256
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all scram-sha-256
host replication all 127.0.0.1/32 scram-sha-256
host replication all ::1/128 scram-sha-256
为了设置密码,我使用了(进入 postgres 终端):
[ec2-user@AWS]: sudo -u postgres psql
然后我运行:
postgres=# ALTER ROLE postgres PASSWORD 'new_password';
我收到:
ALTER ROLE
然后当我退出 postgres 终端并更改为 postgres 用户时:
[ec2-user@AWS]: su - postgres
系统提示我输入密码。 我输入之前的设置:
Password: 'new_password'
我得到:
su: Authentification failure
我错过了什么..?
您必须将 password_encryption 设置为 scram-sha-256 并在更改密码之前重新加载服务器。 scram-sha-256 身份验证仅适用于 scram-sha-256 散列密码。