I get following error when I try to connect using Beekeeper-Studio :
no pg_hba.conf entry for host "105.104.156.80", use"sdgij;sdhfhhuih", database"uhoidfgiosdff", no encryption
Here is my pg_hba.conf file:
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
Your database server is only accepting connections from local clients:
host all all 127.0.0.1/32 md5
You need to add a line to pg_hba.conf that allows connections from your local network, something like so:
host all all 105.104.156.0/24 md5
But you should be VERY cautious with making changes to pg_hba.conf as you can let in hackers on your server if not careful. See the documentation for details. In particular, you should reduce the allowed address range, the database to connect to and possibly the list of allowed users.
Related
So I'm editing my original post and reducing it a bit.
I have a server running Ubuntu 22.04LTS and postgresql 10. I have installed an application on it that requires access to the dbase via it's own dbase user, password and the dbase "gitea".
I created a user "gitea" with a password in postrgesql and I can access it locally using the following command:
psql gitea gitea
My pg_hba.conf file is:
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
host all bugs 127.0.0.1 255.255.255.255 md5
host all gitea 127.0.0.1 255.255.255.255 md5
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 scram-sha-256
# IPv6 local connections:
host all all ::1/128 scram-sha-256
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 scram-sha-256
host replication all ::1/128 scram-sha-256
So why does this allow me to access the dbase without a password? Is it an easy change to make sure that the user "gitea" always has to use a password whether it's local or remote?
Cheers!!
I know this question has been asked several times before, but all answers I could find tell you to add a line like the following to the pg_hba.conf file:
host all all 127.0.0.1/32 md5
So my pg_hba.conf file now looks like this:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 ident
#host replication postgres ::1/128 ident
# I've added the following lines:
host all all 127.0.0.1/32 trust
host all all ::1/128 trust
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
host all all 192.168.0.0/24 md5
I have set up several postgresql servers in the past on ubuntu and never had a problem. However, on fedora, I still get the following error message:
FATAL: Ident authentication failed for user "postgres"
The server is running on Fedora 27 Workstation and the postgresql version is 9.6.8-1.fc27.
You have two authentication rules for localhost in your pg_hba.conf, namely ..
host all all 127.0.0.1/32 ident
and
host all all 127.0.0.1/32 trust
I believe the system is trying to validate the two authentication options, making the trust option being overwritten by ident. Since you're most likely trying to use trust to authenticate from localhost (based on your file), just comment/delete the following line:
host all all 127.0.0.1/32 ident
And afterwards either restart your database or reload the conf file using the following query:
SELECT pg_reload_conf();
I am trying to run some postgresql commands through a fabric script. When I execute the script I get:
out: psql: FATAL: Peer authentication failed for user "sparc2"
This is how my pg_hba.conf file looks like:
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
# added
local sparc2 sparc2 md5
host sparc2 sparc2 127.0.0.1/32 md5
host sparc2 sparc2 10.0.2.2/32 md5
host all all all password
I have also modified the postgresql.conf file with adding this line:
listen_addresses = '*'
After applying the changes I restarted postgresql. But the error is still the same.
PostgreSQL has 2 connection entry points:
TCP/IP (host in pg_hba.conf)
Unix sockets (local in pg_hba.conf)
Your server is configured to use peer auth which works only for Unix sockets, and means - ask the kernel if the OS username matches DB username.
You have following options:
change pg_hba.conf to use md5 auth for local socket connections, or
change connection settings in your script to use IP connection (127.0.0.1 should work) instead of socket connection. [ This may not require editing the files - sometimes setting PGHOST variable is enough ], or
make your script to run from OS user sparc2, not postgres.
Risks / drawbacks
if you change peer to md5, some automation scripts that run from "postgres" OS user, and rely on "peer" auth, will stop working. They will start asking for password
if you change peer to md5, and forget database superuser password, you may have to re-enable peer auth to reset it.
In general, the "peer" auth is OK. Ease and security of kernel-based local auth is the reason why many distributions choose it for local admin connections. It is useful especially on multi-user shell servers. You can disable it for selected accounts only:
#CHANNEL DB USER METHOD
local all sparc2 md5
local all all peer
More details: here and here.
Having difficulty getting Mezzanine to connect to Postgresql via Docker
In my postgresql.conf I have:
listen_addresses = '*'
In my pg_hba.conf I have:
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
host all all samenet trust
host all all 0.0.0.0/0 md5
The error I keep getting is:
could not connect to server: Connection refused
Is the server running on host "127.0.0.1" and accepting
TCP/IP connections on port 5432?
I have PORT in settings.py set to '' but I have PORT defined in postgresql.conf to 5432.
Any suggestions?
Ensure that port mapping is properly configured https://docs.docker.com/userguide/dockerlinks/
If your app is running in one container and postgresql server is running in another container, you need to link containers together.
By the way you are trying to establish connection via localhost and you have md5 authentication method there. For debug purposes change authentication method to trust. You should EDIT this line in your pg_hba.conf NOT to ADD another line.
host all all 127.0.0.1/32 md5
The best way to debug connection issues is to use psql utility.
I'm trying to deploy my Rails application through Capistrano 3.
On my own server everything was working but with my new one, I have some problem to access to the database :
DEBUG [05c115bf] FATAL: no pg_hba.conf entry for host "ip.address.of.the.server", user "postgres", database "my_database", SSL on
DEBUG [05c115bf] FATAL: no pg_hba.conf entry for host "ip.address.of.the.server", user "postgres", database "my_database", SSL off
I know that the problem comes form pg_hba but I cannot find where exactly.
This is what I've tried :
# Database administrative login by Unix domain socket
local all postgres md5
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
hostssl all all ip.address.of.the.server/24 md5
hostnossl all all ip.address.of.the.server/24 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
Currently I'm blocked at this point.
put real IP address of the server with which you want to connect instead if ip.address.of.the.server for more info visit pg_hba.conf
The problem came from my deploy.rb where I made a mistake on the host... Simply.
After hours of researches, this problem is finally fixed. Thank you for your help.