I want to login to postgres using remote host.
I have configured the postgresql.conf file with listen_addresses ='*'
I have configured pg_hba.conf file with
host all all 0.0.0.0/0 md5
But still I am unable to login and I see the following error
-bash-4.2$ psql -d sbtest -U postgres -W -h 10.54.48.59
Password:
psql: could not connect to server: Connection refused
Is the server running on host "10.54.48.59" and accepting
TCP/IP connections on port 5432?
-bash-4.2$
There is not firewall on it
and the port 5432 is open
I faced the same issue today and I was following the steps from here. after spending few hours, I found my two silly mistakes. In case it help the other..
1) You will see two keys listen_address and listen_addresses in postgresql.conf file. everytime I look at it, I was modifying the wrong key listen_address = '*' and then keep on restarting service, but i did not worked. the correct key to look for is plural one
listen_addresses = '*'
2) In pg_hba.conf file, instead of adding new row, we need to modify the existing row which is pointing to 127.0.0.1 address. my mistake was, I was adding another row with
host all all 0.0.0.0/0 md5
Check if the port is open for all or only for localhost using
sudo netstat -ntlp | grep LISTEN
Need access to the Odoo postgresql DB (via pgAdmin 4). Even with the changes made to pg_hba.conf it won't connect.
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all [Our Networks IP]/32 md5
host postgres odoo [Our Networks IP]/32 trust
host SLWK_PRE-PROD_DB odoo [Our Networks IP]/32 md5
# IPv6 local connections:
host all all ::1/128 md5
Is my format wrong or am I missing something else? I've tried connecting via bash as a super user and it won't let me query stuff either.
I've already tried editing the pg_hba.config with different settings but no avail.
When trying to connect via pgAdmin 4 the following error appears:
FATAL: no pg_hba.conf entry for host "[Our Networks IP]", user "odoo", database "postgres", SSL on
FATAL: no pg_hba.conf entry for host "[Our Networks IP]", user "odoo", database "postgres", SSL off
Probably, you need to restart PostgreSQL? You need to reload its configuration after making any changes to apply them.
The easiest way to do it is to restart PostgreSQL service:
service postgresql restart
You can also use pg_ctl:
sudo su postgres
pg_ctl reload
Or you can do inside PostgreSQL itself:
psql -U postgres
postgres=> SELECT pg_reload_conf();
Solved the issue by putting the AWS EC2 instance IP in the pg_hba.conf in the Unix-domain socket fields. Was putting my configuration in the TCP/IP part of the pg_hba.conf.
I have got the vagrant machine with Postgres on it. I need to connect with this database using some external tools (eg. pgmodeler, keetle).
So i start tunnel using:
ssh -L 5433:127.0.0.1:5432 vagrant#192.168.56.140 -i puphpet/files/dot/ssh/id_rsa
Then I try to login with command:
psql -h 127.0.0.1 -p 5433 -U postgres postgres
And I get an error:
FATAL: password authentication failed for user "postgres"
I'm a little bit confused because it used to work, and now it doesn't. I've tried to set user password but it didn't work. Where should i look for a problem?
You need to adjust the pg_hba.conf file of your postgres server to tell postgres from where connections for which users are allowed. In debian-like distributions you'll find this file in /etc/postgresql/9.1/main/pg_hba.conf.
When developing with vagrant i usually use the following entry in pg_hba.conf which allows all users to connect from everywhere without a password
# IPv4 connections from everywhere:
host all all 0.0.0.0/0 trust
NEVER USE THIS LINE ON A PRODUCTION SERVER
On top there is the following line in my Vagrantfile to forward the port
Vagrant.configure(2) do |config|
# more stuff
config.vm.network "forwarded_port", guest: 5432, host: 5433, host_ip: "127.0.0.1"
end
Do not forget to set the host_ip to localhost, otherwise postgres binds to all network interfaces of your local machine.
I have a VM set up with Vagrant that has Postgres running on it (on port 5432), forwarded to port 8280 on the host machine.
I have set the password for the default user and I can connect locally just fine.
I have been trying to set up access from the host machine over port 8280, and I have been unable to get it working with 'MD5' as the trust method.
I have set up postgresql.conf to listen on all addresses:
# postgresql.conf
listen_addresses = '*'
and I have configured pg_hab.conf as follows:
# pg_hab.conf
#TYPE DATABASE USER CIDR-ADDRESS METHOD
host all all 0.0.0.0/0 md5
With all of these settings, if I run the following command from my host machine:
psql --host=127.0.0.1 --port=8280 --username=postgres -d mydb -c '\l'
I am prompted for the password, and then I get:
psql: FATAL: password authentication failed for user "postgres"
If I then change the METHOD from 'md5' to 'trust' I'm not asked for a password and I can connect as expected. My question is - why can't I connect using 'md5', which is what I want to be able to do? I know that the password I am entering is correct (I have changed it), but for some reason it isn't working.
I had the same exact problem. The issue was on the host side, basically the firewall was blocking the port I was using. So this is what I did (I am using OSX Mavericks)
Open the port (Host)
sudo ipfw add 7000 allow tcp from any to any dst-port 7001
Modify Vagrantfile in order to allow portforwarding
config.vm.network "forwarded_port", guest: 5432, host: 7001
Edit postgresql.conf (Guest)
listen_addresses = '*'
Edit pg_hba.conf (you might want to tune this better)
host all all 0.0.0.0/0 md5
Now, from the host connect normally using the port (in my case 7001) and 'localhost' as host address
You need to set a password for the postgres user. It does not have one by default, so you cannot connect.
ALTER USER postgres PASSWORD 'somepassword';
Your local connections probably work because they're using unix sockets with peer authentication, not TCP/IP. If you use:
psql -h 127.0.0.1 -U postgres postgres
on the VM, you'll probably find that that fails too, because you're actually testing TCP/IP based connections now.
I get following error when I try to connect using DBI
DBI connect('database=chaosLRdb;host=192.168.0.1;port=5433','postgres',...)
failed: FATAL: no pg_hba.conf entry for host "192.168.0.1", user "postgres", database "chaosLRdb", SSL off
Here is my pg_hba.conf file:
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
host all postgres 127.0.0.1/32 trust
host all postgres 192.168.0.1/32 trust
host all all 192.168.0.1/32 trust
host all all 192.168.0.1/128 trust
host all all 192.168.0.1/32 md5
host chaosLRdb postgres 192.168.0.1/32 md5
local all all 192.168.0.1/32 trust
My perl code is
#!/usr/bin/perl-w
use DBI;
use FileHandle;
print "Start connecting to the DB...\n";
#ary = DBI->available_drivers(true);
%drivers = DBI->installed_drivers();
my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433", "postgres", "chaos123");
May I know what i miss here?
If you can change this line:
host all all 192.168.0.1/32 md5
With this:
host all all all md5
You can see if this solves the problem.
But another consideration is your postgresql port(5432) is very open to password attacks with hackers (maybe they can brute force the password). You can change your postgresql port 5432 to '33333' or another value, so they can't know this configuration.
In your pg_hba.conf file, I see some incorrect and confusing lines:
# fine, this allows all dbs, all users, to be trusted from 192.168.0.1/32
# not recommend because of the lax permissions
host all all 192.168.0.1/32 trust
# wrong, /128 is an invalid netmask for ipv4, this line should be removed
host all all 192.168.0.1/128 trust
# this conflicts with the first line
# it says that that the password should be md5 and not plaintext
# I think the first line should be removed
host all all 192.168.0.1/32 md5
# this is fine except is it unnecessary because of the previous line
# which allows any user and any database to connect with md5 password
host chaosLRdb postgres 192.168.0.1/32 md5
# wrong, on local lines, an IP cannot be specified
# remove the 4th column
local all all 192.168.0.1/32 trust
I suspect that if you md5'd the password, this might work if you trim the lines. To get the md5 you can use perl or the following shell script:
echo -n 'chaos123' | md5sum
> d6766c33ba6cf0bb249b37151b068f10 -
So then your connect line would like something like:
my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433",
"chaosuser", "d6766c33ba6cf0bb249b37151b068f10");
For more information, here's the documentation of postgres 8.X's pg_hba.conf file.
Your postgres server configuration seems correct
host all all 127.0.0.1/32 md5
host all all 192.168.0.1/32 trust
That should grant access from the client to the postgres server. So that leads me to believe the username / password is whats failing.
Test this by creating a specific user for that database
createuser -a -d -W -U postgres chaosuser
Then adjust your perl script to use the newly created user
my $dbh = DBI->connect("DBI:PgPP:database=chaosLRdb;host=192.168.0.1;port=5433", "chaosuser", "chaos123");
To resolve this problem, you can try this.
first, you have found out your pg_hba.conf by:
cd /etc/postgresql/9.5/main from your root directory
and open file using
sudo nano pg_hba.conf
then add this line:
local all all md5
to your pg_hba.conf and then restart by using the command:
sudo service postgresql restart
Add the following in line in pg_hba.conf
hostnossl all all 0.0.0.0/0 trust
And then restart the Service.
I faced the same issue. My db was on cloud
Error:
ERROR: no pg_hba.conf entry for host ".......", user ".........", database "....", SSL off
I add this configuration to resolve this,
"dialect": "postgres",
"dialectOptions": {
"ssl": {
"require": true,
"rejectUnauthorized": false
}
}
SSL parameter is the key telling DB to always use SSL for making connections.
To resolved this problem, you can try this.
first you have find out your pg_hba.conf and write :
local all all md5
after that restart pg server:
postgresql restart
or
sudo /etc/init.d/postgresql restart
If you are getting an error like the one below:
OperationalError: FATAL: no pg_hba.conf entry for host "your ipv6",
user "username", database "postgres", SSL off
then add an entry like the following, with your mac address.
host all all [your ipv6]/128 md5
If you are getting this error using node and pg module you can set ssl to not reject unauthorized access like this
const pool = new Pool({
connectionString: "your connection string",
ssl: {
rejectUnauthorized: false
}
})
For those who have the similar problem trying to connect to local db and trying like
con = psycopg2.connect(database="my_db", user="my_name", password="admin"), try to pass the additional parameter, so the following saved me a day:
con = psycopg2.connect(database="my_db", user="my_name", password="admin", host="localhost")
For those who are getting this error in DBeaver the solution was found here at line:
#lcustodio on the SSL page, set SSL mode: require and either leave the SSL Factory blank or use the org.postgresql.ssl.NonValidatingFactory
Under Network -> SSL tab I checked the Use SLL checkbox and set Advance -> SSL Mode = require and it now works.
also check the PGHOST variable:
ECHO $PGHOST
to see if it matches the local machine name
BTW, in my case it was that I needed to specify the user/pwd in the url, not as independent properties, they were ignored and my OS user was used to connect
My config is in a WebSphere 8.5.5 server.xml file
<dataSource
jndiName="jdbc/tableauPostgreSQL"
type="javax.sql.ConnectionPoolDataSource">
<jdbcDriver
javax.sql.ConnectionPoolDataSource="org.postgresql.ds.PGConnectionPoolDataSource"
javax.sql.DataSource="org.postgresql.ds.PGPoolingDataSource"
libraryRef="PostgreSqlJdbcLib"/>
<properties
url="jdbc:postgresql://server:port/mydb?user=fred&password=secret"/>
</dataSource>
This would not work and was getting the error:
<properties
user="fred"
password="secret"
url="jdbc:postgresql://server:port/mydb"/>
Please add the following line in /etc/postgresql/14/main/pg_hba.conf file
#IPv4 local connections:
host all all 127.0.0.1/32 scram-sha-256
host all all all md5
while making the connection include ssl prop in configugration like this:
ssl: {
rejectUnauthorized: false
}
I've got the same issue in Azure Data Factory while connecting to Azure Database for PostgreSQL.
28000: no pg_hba.conf entry for host "", user "", database "postgres", SSL off
Here the issue was due to PostgreSQL database has ssl_min_protocol_version set to TLSV1.2 expecting a encrypted connection and the client connection was not using any encryption.
I've resolved the issue by setting the property "Encryption method" to SSL
I have used Docker container to run postgres. I faced this issue and to resolve this, I used POSTGRES_HOST_AUTH_METHOD=trust env variable at the time of starting container.
Here is an example command
docker run --name postgres --net appnet -e POSTGRES_PASSWORD=password -p 5432:5432 -e POSTGRES_HOST_AUTH_METHOD=trust -d postgres
If you want to connect postgres container to any other application which is running inside a docker container, it is best to run both the containers in same network. In this case, I have created a network appnet using docker network create command, used it to create my application container and postgres container.
Use SSL in the connection. This solves it instantly
Verify the postgres connection hostname/address in pgadmin and use the same in your connection parameter.
DBI connect('database=chaosLRdb;host="keep what is mentioned" ;port=5433','postgres',...)