PgBouncer 身份验证方法类型不同的问题

问题描述 投票:0回答:1

我对 PgBouncer 和 Postgresql 中的 auth 方法有一些问题。

错误:


2024-09-28 10:49:28.750 UTC [120] LOG process up: PgBouncer 1.23.1, libevent 2.1.12-stable (epoll), adns: evdns2, tls: OpenSSL 3.0.7 1 Nov 2022
2024-09-28 10:49:32.468 UTC [120] LOG C-0x274199c0: database/[email protected]:38382 login attempt: db=database user=username tls=no replication=no
2024-09-28 10:49:35.840 UTC [120] LOG C-0x274199c0: database/[email protected]:45156 login attempt: db=database user=username tls=no replication=no
2024-09-28 10:49:35.849 UTC [120] LOG S-0x274446b0: database/[email protected]:5432 new connection to server (from 127.0.0.1:57562)
2024-09-28 10:49:35.859 UTC [120] ERROR S-0x274446b0: database/[email protected]:5432 cannot do SCRAM authentication: wrong password type
2024-09-28 10:49:35.859 UTC [120] LOG C-0x274199c0: database/[email protected]:45156 closing because: server login failed: wrong password type (age=0s)
2024-09-28 10:49:35.859 UTC [120] WARNING C-0x274199c0: database/[email protected]:45156 pooler error: server login failed: wrong password type
2024-09-28 10:49:35.859 UTC [120] LOG S-0x274446b0: database/[email protected]:5432 closing because: failed to answer authreq (age=0s)

我不知道为什么 Postgresql 尝试使用 SCRAM 方法进行身份验证。

Postgresql hba 文件:

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5
# IPv6 local connections:
host    all             all             ::1/128                 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local   replication     all                                     trust
host    replication     all             127.0.0.1/32            md5
host    replication     all             ::1/128                 md5

# ---
# @PgCloud : Add replication user
host    replication     replica_user    0.0.0.0/0               md5

host    all             all             0.0.0.0/0               md5

PgBouncer 文件:

[databases]
db_pgcloud = host=127.0.0.1 port=5432 dbname=database user=username
[pgbouncer]
listen_addr = *
listen_port = 6432
auth_type   = md5
auth_file   = /etc/pgbouncer/auth_file.cfg
pool_mode = transaction
max_client_conn = 2000
default_pool_size = 100

和 auth_file.cfg

"username" "md5aaaa0cce3756d15429bdb3647b144704"
postgresql authentication md5 pgbouncer
1个回答
0
投票

hba 中的“md5”被解释为“md5 或更好”,其中(目前)更好只能表示 SCRAM。

如果 pg_authid 中存储的哈希值是 SCRAM 格式,则与 auth_file.cfg 中存储的 md5 不兼容,因此您会收到“密码类型错误”错误。

您可以登录真实服务器(绕过pgbouncer,或使用superuer),然后重置密码,以便在重置之前通过适当设置password_encryption,以md5格式对密码进行哈希处理。 (你还可以做大约一百万种其他事情,但这种方法似乎最符合你的隐含意图)

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.