I have a PgAdmin server running on localhost and I'm trying to connect to it from another computer on the same network (they have the same IPv4 address).
I've gone through a lot of questions but all of them explain how to connect to a remote server, which I assume is running on an available host.
I've tried:
adding listen_addresses = '*' to postgresql.conf (on both computers)
adding host all all 0.0.0.0/0 md5 to pg_hba.conf (on both computers, replacing 0.0.0.0/0 with a variety of ip addresses)
some other things I saw in tutorials but don't remember
What I'm trying to understand is:
Is it possible to connect remotely to a server running on localhost?
If it is possible, which IP address does the remote computer need to connect?
You need to resolve some basic questions first:
What is the IP of the computer where PG is running? e.g. 192.168.100.10
Which port is PG exposed on? e.g. 9999
After you collected the two above information you can go on the second computer where you have pgAmin and execute
telnet <host> <port>
substituting <host> and <port> with the info collected above. If telnet replies with
Trying ::1...
Connected to <host>.
Escape character is '^]'.
this should mean that the port is open and PG should be listening on that host:port. You found your connection string to PG!
I am just sharing my understanding here. Corrections are welcome.
pgAdmin can connect to one/more postgres servers via TCP over using JDBC like protocol. pgAdmin is just a stand-alone web-interface ( web adapter ).
So some web-server configuration/tuning should be needed in pgAdmin configuration to enable access from remote machines.
Related
I manage a postgresql DB on a windows server, the local connection with a client workstation on the postgresql server works perfectly, but when leaving the local network, the connection fails. I have tried several configurations offered on similar topics, but without success.
Here are some solutions already tried:
listen_addresses = '*'
port = 5432
host all all 0.0.0.0/0 md5 ... host all all 0.0.0.0/0 trust ... client side and server side postgresql
I disabled Windows Firewall and created specific inbound / outbound traffic rules for port 5432 ... client side and server windows side
I tried to create an ssh tunnel via psql, python or the pgAgmin interface but I got stuck on this message: "Failed to create the SSH tunnel. Error: Could not establish session to SSH gateway"
I am convinced that I am wrong on a configuration, but which one? This is the subject of my request ...
Does anyone know how to help me?
thank you,
I recently installed https://dbeaver.io/ on a Windows PC and wish to access a database on a remote Linux server from it.
My Linux username is my_username and I also have a system user psql_user. I also have two existing PostgreSQL databases with the same name as their respective user. Typically, only the psql_user is used and is access by a php-fpm pool listening to a Unix socket and running as user psql_user, and as such have configured /var/lib/pgsql/12/data/pg_hba.conf as:
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 ident
host all all ::1/128 ident
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
With the above configuration, after ssh'ing onto the server, I can access the my_username database by executing psql and can also access the psql_user database by executing sudo -u psql_user psql and do not need to use a password for either.
But now, how to connect from the remote Windows PC?
To attempt to do so, I first created ssh keys without passphrases on the Windows PC for both my_username and psql_user and added the public key to each Linux user's authorized_keys (had to manually create /home/psql_user/ because it is a systems user). I can can successfully PuTTY to the server as either using the ssh keys.
Next, on the DBeaver connection settings SSH tab, I checked "Use SSH Tunnel", entered the username and private key location and the Test tunnel configuration successfully shows connected with the client version as SSH-2.0-JSCH-01.54 and server version as SSH-2.0-OpenSSH_7.4. I also made no changes to the Advanced portion of this tab such as local and remote hosts and ports, and have also left the "You can use variables in SSH parameters" at their default values.
Using my server IP in the main tab, Authentication "Database Native", and leave password empty, I test the connection but get The connection attempt failed. syslog reports that connection to the IP on port 5432 failed which makes sense because I am set up using Unix sockets.
So, then I change the server IP on the main tab to 127.0.0.1 (or localhost) and try again but get FATAL: Ident authentication failed for user "my_username". Okay, a little closer, but not quite there.
I think it might be because DBeaver is passing the port so I attempt to disable this part by got to the Edit Driver tab and changing jdbc:postgresql://{host}[:{port}]/[{database}] to jdbc:postgresql://{host}/[{database}], but now get Connection to 127.0.0.1:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Not sure where to go next. When I PuTTY into the Linux machine, all is good but not when connecting remotely using DBeaver, and thought it would be the same if I am using SSH to connect DBeaver to the server. How can this be accomplished?
As pointed out in the other answer, DBeaver's SSH tunnel option doesn't support sockets currently. It is always TCP port based, so only connections using the host options in pg_hba.conf can be made (I've placed a feature request for SSH socket forwarding in DBeaver).
Here's how to set up forwarding of a local TCP port to a remote Unix socket. This allows you to use peer authentication over the Unix socket, so you don't have to provide a password for the PostgreSQL role:
ssh username#dbserver.example.com -L 5555:/var/run/postgresql/.s.PGSQL.5432 -fN
While I think that ssh tunnelling can be set up to connect to a unix socket rather than a port, I don't think dbeaver offers a way to do that, so you would have to set it up separately.
Although ident should also work if your server runs the identd service. I think most linux don't do that by default, but just apt install oidentd or whatever the equiv would be on your package manager should fix that.
The easier solution would be to just change the method from ident to md5 or scram, and assign a password (which dbeaver offers to memorize).
I am trying to fetch data from the Postgres server which is remotely available from Amazon EC2 instance. When I try to telnet the remote server, it is connected.
But when I am running a kafka connector which connects to the remote Postgres server it throws an error stating
FATAL: no pg_hba.conf entry for host, SSL off for configuration Couldn't open a connection to jdbc:postgresql://<url>
I tried changing the connection string from
jdbc:postgresql://host:5432/schema_name?user=******&password=******&defaultFetchSize=250000&useCursorFetch=true
to
jdbc:postgresql://host:5432/schema_name?ssl=true&user=******&password=******&defaultFetchSize=250000&useCursorFetch=true
then it throws another error which is
The server does not support SSL. for configuration Couldn't open a connection to jdbc:postgresql://<url>
There is no SSL support in the Postgres server because I can connect to the server through any DB connector without ssh. I am sure it has to do something with the security access group of EC2(considering I can telnet to the server from the instance). Any help would be much appreciated.
Looks like error is in the pg_hba.conf. I would have put this as a comment but not enough rep.
When you telnet to the server did you use the db port?
Can you post your pg_hba.conf file. This is one off my home dev server. You'll need to add a line similar to this: host all all 192.168.1.1/24 md5 with your IP addr and details.
If you're using this in a corporate network I'd highly recommend looking at a amazon VPC and not to expose your database to the internet.
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
host all all 10.10.187.1/24 md5
First of all: my only experience with SQL is by SQLite which is a server-less engine. I'm new on all this client/server story.
Summarizing my goal: I need to read/write from/into a PosgreSQL database from different computers. Those computers (all with Windows 7 or 10 installed) share the same network but I cannot install any software on them.
My idea was to download the portable PostgreSQL server and save it in a network shared directory (e.g. Y:\PortableProject) so all computers have access to the executable files and to the Data folder containing the databases. Suppose the network IP is 192.170.1.200 (from ipconfig command), here are the steps I tried to do so far:
In order to allow IP 192.170.1.200 being a host, open pg_hba.conf file and add the following line in the EOF
host all all 192.170.1.200/32 trust
In order to give permission to all computers accessing the server, open postgresql.conf and update listen_addresses to *
listen_addresses = '*'
Open the command prompt in one computer (e.g. computer A) and start the server from a prompt with the following command:
"Y:\PortableProject\PostgreSQLPortable\App\PgSQL\bin\pg_ctl.exe" start -D "Y:\PortableProject\PostgreSQLPortable\Data\data"
Proceed with writing and reading in all computers. E.g., on computer B, open its prompt command and read all information on table tabtest from database dbtest (supposing they exist) with the command:
"Y:\PortableProject\PostgreSQLPortable\App\PgSQL\bin\psql.exe" -h 192.170.1.200 -p 5432 -U postgres -d dbtest -c "SELECT * FROM tabtest"
Close the connection on computer A:
"Y:\PortableProject\PostgreSQLPortable\App\PgSQL\bin\pg_ctl.exe" stop -D "Y:\PortableProject\PostgreSQLPortable\Data\data"
The problem occurs on step 4. Even if I run it from computer A, I get the following error
psql: could not connect to server: Connection refused (0x0000274D/10061)
Is the server running on host "192.170.1.200" and accepting
TCP/IP connections on port 5432?
Am I doing it completely wrong? Is it even possible to reach my goal?
Is the server running on host "192.170.1.200" and accepting TCP/IP connections on port 5432?
That mean the server is running in 192.170.1.200, now you are executing from the server pc or from a different pc?
The pg_hba.conf is to list what other address / users are allow to access that sever.
So if you are access from the same pc you use
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 md5
For external address you use something like
host all all 192.170.1.1/24 trust
This will allow access to pc with the following IP address range. IP Calculator
HostMin: 192.170.1.1
HostMax: 192.170.1.254
I am running openerp(odoo) application from amazon cloud server using putty and it is ubuntu Headless(NO GUI) server. PostgreSQL is the database used for this application. Right now I am only able to access it in command mode as there is no gui in Putty. In Windows, I have installed pgadmin3. Is it possible to access it from here by configuring?
You can configure your security group to open up the postgres port accessible from your IP address (I would highly recommend the access to be limited that way). After that you can just point your GUI client the external IP address of your instance using the port where the service is running on.
I suggest you to use pgadmin gui tool to access postgres database.
You can set up an SSH tunnel in putty and use that to access the remote database with your local pgadmin3. This is a very good and secure way to do things.
First, in Putty (Connection / SSH / Tunnels) add a source port of your choice, 5000 for example. Then enter localhost:5432 for Destination (providing postgres is running on port 5432 on the server). Press Add and save your session. Next time you open your ssh connection with Putty, the tunnel will be active.
After this, set up a new connection in pgadmin3, Host: localhost and Port: 5000 (and your username and pasword, of course). Now, if the putty session is active, you should be able to connect.
In postgresql.conf file, find a line called
listen_addresses = 'localhost' and change it to '*'
Next in pg_hba.conf add this line in IPV4 local connections,
host all all (Your external ip address in CIDR format) trust
Finally restart the database using this command,sudo service postgresql restart