extending IP range for postgres - postgresql

Docker container, ubuntu20 it is.
I have manually installed postgres 12.9 in it.
when I do PGPASSWORD='mysecretpassword' psql -U postgres -p 5432 -h localhost (or 127.0.0.1) from inside a docker it works 100% OK - psql console appears
The problem appears when I try to replace localhost with non-loopback IP number. It either hangs or prints:
PGPASSWORD='mysecretpassword' psql -U postgres -p 5432 -h 172.17.0.5
psql: error: connection to server at "172.17.0.5", port 5432 failed: Connection refused
Is the server running on that host and accepting TCP/IP connections?
Also, what somehow is understandable, it prints same error when trying to access it from external machine (docker-host).
My /etc/postgresql/12/main/pg_hba.conf is:
local all postgres peer
local all all peer
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
host all all 172.17.0.0/24 md5
host replication all 172.17.0.0/24 md5
with 2 lines at the end are added by me... unfortunately still it doesn't work.
Tried various other options 0.0.0.0/32 etc... can any1 explain me how to open my psql to all IPs ?

Related

postgresql: Failing to connect locally via pgadmin3 (and phppgadmin)

I am able to connect via command line but getting the usual error message in pgadmin3.
Error connecting to the server: FATAL: password authentication failed for user "postgres"
(and login failed in phppgadmin)
I know there are several q/a about this but none is addressing command-line success / pgadmin3 failure.
I have made the suggested changes such as:
adding listen_addresses = '*' in postgresql.conf
as also modifying trailing lines of pg_hba.conf as follows (to switch from peer to md5):
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
# host replication postgres ::1/128 md5
what is more, connection in the following way fails:
psql -h localhost -U postgres -d postgres
(password failure)
however, connection like this succeeds:
sudo -u postgres psql
Password: ****
It turns out that the server was listening to 5433 and both GUIs were trying to connect to 5432... the error message
password authentication failed
was very misleading though....

valentina db doesn't allow me to use ssh into a postgres even though i can do it normally

I have a AWS server which I can access using SSH with a .pem key.
Using valentina, i tried to access the postgres this way
I keep getting a failed Ident message.
I used that same .pem file and ssh into the server.
Used the same postgres user and password to access using psql client.
It works.
What do I need to do to make the Valentina Studio work as well?
UPDATE:
I have changed my pg_hba.conf to the following:
host all all * ident
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
I can run psql -U postgres on the postgres server.
I cannot run psql -h localhost -U postgres on the the postgres server.
UPDATE 2:
# "local" is for Unix domain socket connections only
local all postgres peer
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
This solves the issue
I keep getting a failed Ident message.
This suggests that you can in fact ssh in fine.
At a guess, your manual tests are along the lines of:
psql mydb
which will generally use a unix socket, which appears as local entries in pg_hba.conf.
By contrast your application will be connecting over TCP/IP, probably to a socket forwarded over ssh to localhost. This authenticates with host entries in pg_hba.conf.
So I think you're testing a different thing when logging in directly.
Try manually:
psql -h localhost mydb
i.e. force a TCP/IP connection to be used. You'll get the same error, and it's because of your setup in pg_hba.conf choosing ident as the auth method for host connections from localhost, and presumably there's no identd running or other mechanism to allow proper ident. You probably want to use md5 auth.

Ident authentication failed on PostgreSQL through SSH tunnel

I have PostgreSQL server and a seperate computer is a client of it. They are in one network. If I use psql command like
psql --host db_ip_address --port 5432 --user user base_name
connection goes fine and all works.
But if I'll open SSH tunnel to DB server like:
ssh -L 63333:localhost:5432 root#db_ip_address
and then try to do the same like:
psql --host localhost --port 63333 --user user base_name
than it suddenly output error message:
psql: FATAL: Ident authentication failed for user "user"
pg_hba.conf on server have this lines:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all 192.168.0.49/32 trust
host all all 192.168.0.50/32 trust
host all all 192.168.0.48/32 trust
# IPv6 local connections:
host all all ::1/128 ident
I need to use SSH tunnels because I actually need one more tunnel for my own computer, and it is the only way to get connection for db on it.
And I don't want to change any configuration or base on PostgreSQL server, because it is working in real time server.
Hope for help.
Based on the error message and pg_hba.conf, the server resolves localhost to its IPv6 address, which is tied to ident authentication.
As a solution, you may either:
change pg_hba.conf to set trust method for ::1/128, as is already the case for 127.0.0.1/32
or run psql --host 127.0.0.1 --port 63333 [other options]... to force the IPv4 address.

Postgresql: Unable to connect through psql at console to default localhost

Postgresql server running and verified on 5432 on my localhost system:
If I type: psql -l I get the following response:
psql: could not connect to server: No such file or directory
Is the server running locally and accepting connections on Unix domain socket "/var/run/postgresql/.s.PGSQL.5432"?
If I type psql -h localhost -l, it works and gives me a list of the databases.
The pg_hba.conf file is wide open, showing:
TYPE DATABASE USER ADDRESS METHOD
The value "local" is for Unix domain socket connections only:
local all all trust
Allow any IP to connect without password:
host all all 0.0.0.0/0 trust
IPv4 local connections:
host all all 127.0.0.1/32 trust
IPv6 local connections:
host all all ::1/128 trust
What have I missed? On other systems the first call from the command line works fine.
It sounds like when you are running the command you are connecting to localhost, not the file socket.. try
psql -h localhost -p 5432
Default Admin Login sudo -u postgres psql
Login into specific db with privilages psql -h host -p port -U User_Name db_name
Is the server running locally and accepting connections on Unix domain
socket "/var/run/postgresql/.s.PGSQL.5432"?
This just means that the unix_socket_directory configuration parameter on the server differs from the default of the client-side psql.
/var/run/postgresql is the default Unix domain socket path for Debian-based packages. For a self-compiled server, it is /tmp. It may also be a custom path specified in postgresql.conf or through a start directive.
Assuming it's /tmp you could do psql -l -h /tmp. The command knows that the parameter following -h is to be interpreted as a directory and not as a hostname because it starts with a slash.

postgres hba.conf for jdbc

I'm trying to set up a JDBC connection to postgres from another program.
When I run the program, I get the following error:
[2013-03-24 03:14:10,542][ERROR][org.elasticsearch.river.jdbc.strategy.simple.SimpleRiverSource] while opening read connection: jdbc:postgresql://[my postgres server's ip address]:5432/[my database name] FATAL: no pg_hba.conf entry for host "[my client ip address]", user "postgres", database "[my database name]", SSL off
I can connect to the server successfully with a command line client by running:
psql -d [my database name] -U postgres -p 5432 -h [my postgres server ip address]
I think then that I have a unix socket connection that works but need to enable tcp connection in the pg_hba.conf, but it looks like I already have several tcp connections allowed in the pg_hba.conf file below... can anyone advise what I may be doing wrong?
My pg_hba.conf contains the following uncommented lines:
hostssl all all 0.0.0.0/0 md5
host all all 10.0.0.0/8 md5
local all postgres peer
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
If doing devel on local computer and booth program and DB run on the same machine go with:
# IPv4 local connections:
host all all 127.0.0.1/32 trust