I have a ThingsBoard Professional Edition setup using AWS EC2 instance. The database is PostgreSQL-12. I tend to get the following error: FATAL: password authentication failed for user "postgres" FATAL: password authentication failed for user "postgres" when trying to log into the remote database server on pgAdmin4.
Here is a screenshot of the error shown when attempting to log in to server created on pgAdmin4.
Here is how I configured the remote database server (where Host name/address is the Public IPv4 of my EC2 instance).
In postgresql.conf, I have replaced the line listen_address='127.0.0.1' with listen_addresses='*'.
In pg_hba.conf, I added host all all 0.0.0.0/0 md5.
Here is a screenshot of my pg_hba.conf file:
I have also set the password for the user 'postgres' using the psql command #\password.
Here is what is shown in thingboard.log when I run the command:
cat /var/log/thingsboard/thingsboard.log | grep ERROR
Partial screenshot of /var/log/postgresql/postgresql-12-main.log shows the following:
I constantly have to use #ALTER USER postgres PASSWORD ‘<password>’; to be able to overcome this error but the error tends to return when I restart my local Windows machine.
That must be done by some software other than PostgreSQL.
Configure logging by setting log_statement = 'ddl' in postgresql.conf and restarting the database. Then you can more easily figure out when and by which software your password gets changed.
Additionally, configure pg_hba.conf to not allow passwordless connections from anywhere, then change the password. You may see some component start to complain - that component may be at fault.
Related
I just did a fresh installation of postgres 13 on my windows 10 64 bit and when I open the pgadmin 4 there are not servers listed on the servers list on left handside. When I try to add a server I get Unable to connect to server: FATAL: role "postgres" does not exist
the credentials I am using here are the credentials I entered while installing postgres but I have tried a bunch of other creds as well like postgres and blank, postgres and postgres but the behavior is same.
In my pg_hba.conf file the value of method is already set to trust instead of md5 so I have not made any changes to that file. I have tried restarting the postgres service as well but that didnt help.
Any help would be appreciated.
I am having an issue that has been bothering me for some time now. It is with postgres on my mac. I set a password for postgres and I can not remember it for some reason. I have looked up and attempted several different methods for trying to reset the password but none of them are working and I need it fixed as soon as possible.
Here is what my pg_hba.conf file
# TYPE DATABASE USER ADDRESS METHOD
local all all trust
I reset the local all all trust and then restarted my postgres server running
brew services restart postgres
and when i go to try and open postgres on my terminal I get the same password issue:
omars-MacBook-Pro:postgres omarjandali$ psql -U postgres -W -h localhost
Password:
psql: error: could not connect to server: FATAL: password authentication failed for user "postgres"
or
omars-MacBook-Pro:~ omarjandali$ psql -h 127.0.0.1 -U postgres
Password for user postgres:
psql: error: could not connect to server: FATAL: password authentication failed for user "postgres"`
You only configured "local" connections which are using Unix domain sockets. But your psql command line tries to establish a TCP connection (-h ...), which is not configured in your pg_hba.conf.
You need to use host instead of localin pg_hba.conf to allow trusted, non-password connections through TCP.
But that is a really, really bad idea, because that means that as soon as your Mac is visible on the internet, everybody can connect to your Postgres instance and hack it. This isn't a theoretical threat - there have been numerous posts on this site regarding that.
If you want to allow connections without passwords, at least only allow them from "localhost", not from the outside:
# TYPE DATABASE USER ADDRESS METHOD
host all all samehost trust
I have installed postgresql database and pgadmin4 on my fedora machine.
after starting the postgresql service and trying to connect to postgresql server
from pgadmin4
i am getting this error
Unable to connect to server:
FATAL: Ident authentication failed for user "postgres".
how should i fix this?
Did you create the "postgres" user while installing? You may be using wrong credentials, if you have forgotten the password, please change the pg_hba.conf (then reload or restart postgresql server) to allow all the connections from local without credentials, then change the password for postgres (again reload or restart postgresql) user. Change the pg_hba.conf to use credentials and try logging in.
Postgres 10 installed on a Ubuntu 18.04 sandbox
I'm able to connect to my database just fine if I SSH into my machine with Putty. (localhost port 22 forwarding is in place in VirtualBox)
dangel#ubuntu1804nginx:~$ psql
psql (10.5 (Ubuntu 10.5-0ubuntu0.18.04))
Type "help" for help.
dangel=#
However when trying to setup a remote connection through PGAdmin or DataGrip, I'm being asked for a database username and password...
The specified database user/password combination is rejected:
[08004] The server requested password-based authentication, but no password was provided
I've tried leaving the database and user field blank, and also populating them. Same thing.
The reason this confuses me, is that I thought by connecting via SSH, I should be using ident authentication? Thereby not needing a password? (which I don't have a password set) (I know I must be missing a simple concept, but what is it?)
EDIT:
log file entry
2018-09-02 03:57:07.865 UTC [13127] dangel#dangel FATAL: password authentication failed for user "dangel"
2018-09-02 03:57:07.865 UTC [13127] dangel#dangel DETAIL: User "dangel" has no password assigned.
Connection matched pg_hba.conf line 94: "host all all ::1/128 md5"
Your pg_hba demands a password for that usage, but the user doesn't have a password so it is impossible to satisfy.
Either assign the database user a password in the database (alter user dangel password 'open_sesame'; or use the \password psql command), or change line 94 of "pg_hba.conf" to be "trust" rather than "md5". Or a third option (untested), make the "Host" on the "General" tab be the empty string, rather than "localhost".
Your psql command works, because that is using a "local" entry in the pg_hba, not the "host" entry. If you want to use psql to debug this, then you need to use psql -h localhost, which will force it to go through the same pg_hba entry as the other ones do.
I've been trying to configure postgresql with PAM on a Red hat server so that I can get remote access to the server via pgAdmin and use local (server) authentication with PAM.
I have edited the pg_hba.conf file and changed the appropriate line:
host postgres all 0.0.0.0/0 md5
and added this one:
host pam_testing all 0.0.0.0/0 pam pamservice=postgresql95
Moreover I created database user with the same username as I use to log in with putty (no password, simply create user xxx)
When I try to log in remotely with pgAdmin to postgres database (using md5) with my database user everything works smoothly.
But When I try to connect (also remotely, with pgAdmin) to pam_testing database with my server username (to which I log in via ssh using putty) and give the password I get the following error:
Error connecting to the server: FATAL: PAM authentication failed for
user XXX
BUT! When I log in locally to pam_testing while connected via putty it works! My system user gets logged in and authenticated without any problems. And it only happens for users, which I added to the database using create user.
I'm guessing it must be some kind of authentication issue (with the server maybe? It belongs to company and I don't know what other authentication methods it uses) but I'm not sure. Any ideas?
System: Red hat 6.8,
Postgresql: 9.5
Thanks in advance!
Do systemctl | grep unix_chkpwd and if you see lines like these
unix_chkpwd[13081]: check pass; user unknown
unix_chkpwd[13081]: password check failed for user (<username>)
then you've encountered the same problem I did.
To solve it you need to give postgres user read permissions to /etc/shadow file. You can do this via acl: setfacl -m g:postgres:r /etc/shadow, or by creating some group, giving it this permission and then adding postgres to it. Then do systemctl restart postgresql.service.
The underlying mechanics of authenticating with pam is described in this post. The key moment is the following: unix_chkpwd runs under the uid of the process which wants to authenticate someone, so if it's not root (and /etc/shadow is used which I believe is the common case), it can't do its job.