As the title suggest I'm trying to configure a postgresql server to be accessible remotely. I've followed many guides and viewed some of the other answers here however I'm still having trouble.
The details:
os, windows 10
postgresql version on host is 11.6
postgresql version on remote is 11.2 with anaconda install
I have changed the pg_hba.conf and postgresql.conf to allow for connections to the server.
More specifically I've added the line
host all all xxx.xx.x.0/0 trust
I can verify that the host is listening on local address 0.0.0.0:5432 via netstat.
I can ping the ip of the host from the remote, and I have set windows firewalls on the host to allow connection.
Yet I still recieve the following error when trying to access psql from the remote.
psql: could not connect to server: Connection timed out (0x0000274C/10060)
Is the server running on host "xxx.xx.x.144" and accepting
TCP/IP connections on port 5432?```
I had to double check the windows firewall permissions. The connection was enabled but the application was not set to allowed. It turns out a local user can enable connection but I needed the system admin to set the application executable to allowed by the windows fire wall.
Related
I recently installed https://dbeaver.io/ on a Windows PC and wish to access a database on a remote Linux server from it.
My Linux username is my_username and I also have a system user psql_user. I also have two existing PostgreSQL databases with the same name as their respective user. Typically, only the psql_user is used and is access by a php-fpm pool listening to a Unix socket and running as user psql_user, and as such have configured /var/lib/pgsql/12/data/pg_hba.conf as:
# TYPE DATABASE USER ADDRESS METHOD
local all all peer
host all all 127.0.0.1/32 ident
host all all ::1/128 ident
local replication all peer
host replication all 127.0.0.1/32 ident
host replication all ::1/128 ident
With the above configuration, after ssh'ing onto the server, I can access the my_username database by executing psql and can also access the psql_user database by executing sudo -u psql_user psql and do not need to use a password for either.
But now, how to connect from the remote Windows PC?
To attempt to do so, I first created ssh keys without passphrases on the Windows PC for both my_username and psql_user and added the public key to each Linux user's authorized_keys (had to manually create /home/psql_user/ because it is a systems user). I can can successfully PuTTY to the server as either using the ssh keys.
Next, on the DBeaver connection settings SSH tab, I checked "Use SSH Tunnel", entered the username and private key location and the Test tunnel configuration successfully shows connected with the client version as SSH-2.0-JSCH-01.54 and server version as SSH-2.0-OpenSSH_7.4. I also made no changes to the Advanced portion of this tab such as local and remote hosts and ports, and have also left the "You can use variables in SSH parameters" at their default values.
Using my server IP in the main tab, Authentication "Database Native", and leave password empty, I test the connection but get The connection attempt failed. syslog reports that connection to the IP on port 5432 failed which makes sense because I am set up using Unix sockets.
So, then I change the server IP on the main tab to 127.0.0.1 (or localhost) and try again but get FATAL: Ident authentication failed for user "my_username". Okay, a little closer, but not quite there.
I think it might be because DBeaver is passing the port so I attempt to disable this part by got to the Edit Driver tab and changing jdbc:postgresql://{host}[:{port}]/[{database}] to jdbc:postgresql://{host}/[{database}], but now get Connection to 127.0.0.1:5432 refused. Check that the hostname and port are correct and that the postmaster is accepting TCP/IP connections.
Not sure where to go next. When I PuTTY into the Linux machine, all is good but not when connecting remotely using DBeaver, and thought it would be the same if I am using SSH to connect DBeaver to the server. How can this be accomplished?
As pointed out in the other answer, DBeaver's SSH tunnel option doesn't support sockets currently. It is always TCP port based, so only connections using the host options in pg_hba.conf can be made (I've placed a feature request for SSH socket forwarding in DBeaver).
Here's how to set up forwarding of a local TCP port to a remote Unix socket. This allows you to use peer authentication over the Unix socket, so you don't have to provide a password for the PostgreSQL role:
ssh username#dbserver.example.com -L 5555:/var/run/postgresql/.s.PGSQL.5432 -fN
While I think that ssh tunnelling can be set up to connect to a unix socket rather than a port, I don't think dbeaver offers a way to do that, so you would have to set it up separately.
Although ident should also work if your server runs the identd service. I think most linux don't do that by default, but just apt install oidentd or whatever the equiv would be on your package manager should fix that.
The easier solution would be to just change the method from ident to md5 or scram, and assign a password (which dbeaver offers to memorize).
I'm having big troubles connecting to PostgreSQL, installed in WSL2 Ubuntu, from the Windows 10 host.
Here is what I have done so far.
Set password for postgres user.
Set the following in pg_hpa.conf
local all postgres md5
host all all 0.0.0.0/0 md5
Set the following in postgresql.conf
listen_addresses = '*'
Tested successfully that I can connect with psql -U postgres - so password should be set correctly.
When I try to connect using either pgAdmin or psql from the Windows 10 host, I get the following error.
error: could not connect to server: FATAL: password authentication failed for user "postgres"
Anything else I can change in pg_hpa.conf or other PostgreSQL configurations which might help?
I'm thinking that I could have something to do with that WSL2 has its own IP, even tough that connections from the hosts are made appear coming from localhost. The connection seems to be made, but authentication failed for some reason when it is not made from within Ubuntu.
I later tested with nc -l 5432 and for some reason, port 5432 didn't reach WSL2 on local host, but did on WSL-2 IP. If I use any other free port e.g. 5434 (free both on Windows and WSL-2) it works fine and I can connect to the PostgreSQL service on WSl-2 through localhost on windows.
I didn't change any options since the original posted question - only the port.
Update: It turns out that there indeed was a process from an old install of postgres on Windows which was listening on port 5432. This of cause explains it all. ..:/
As was pointed out by the original poster, ensure that you do not have a Windows service already running and listening on that port. In my case it was a PostgreSQL instance installed as a Windows service. Whatever the underlying networking support, it seems you can have a process/service listening on port 5432 in Windows as well as a separate Linux process listening on port 5432 from WSL2.
It was not enough to stop the Windows PostgreSQL service. Connecting from the Windows pgAdmin4 installation program failed. I also disabled the service from Microsoft Services console.
I needed to also stop and start the WSL2 postgresql. Only then was I successfully able to connect from my Windows pgAdmin4 installation program to the WSL2 postgreSQL
There is a PostgreSQL server on a Windows computer that I need to access remotely. It's not on the local network. I'm trying to connect to it with pg_pconnect. I have an AMP stack with PHP 7.1.23 on my local Mac computer and I can connect to it just fine. (The connection works, I can make queries, etc.) When I upload the same script to a hosting provider (LAMP stack with PHP 7.1.22) the script does not work anymore.
Warning: pg_pconnect(): Unable to connect to PostgreSQL server: could not connect to server: Connection refused
Is the server running on host "x.x.x.x" and accepting
TCP/IP connections on port 5432? in /path/to/my-script on line 42
I would think that the SQL server does not allow remote connections if it didn't allow the connection from my computer either. But to that server both connections would be remote, right? So how can it allow one and not allow the other?
Turned out that the hosting provider had to whitelist the IP address first. That's why it didn't work.
I am using postgres database which is accessed by jboss and tomcat server.
My server accidentally restarted and then postgres service was not showing in the services list.
When I tried to open postgres local host server using pgadminIII it showed following error:
Server doesn't listen
The server doesn't accept connections: the connection library reports
could not connect to server: Connection refused (0x0000274D/10061) Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5432? could not connect to server: Connection refused (0x0000274D/10061) Is the server running on host "localhost" (127.0.0.1) and accepting TCP/IP connections on port 5432?
If you encounter this message, please check if the server you're trying to contact is actually running PostgreSQL on the given port. Test if you have network connectivity from your client to the server host using ping or equivalent tools. Is your network / VPN / SSH tunnel / firewall configured correctly?
For security reasons, PostgreSQL does not listen on all available IP addresses on the server machine initially. In order to access the server over the network, you need to enable listening on the address first.
For PostgreSQL servers starting with version 8.0, this is controlled using the "listen_addresses" parameter in the postgresql.conf file. Here, you can enter a list of IP addresses the server should listen on, or simply use '*' to listen on all available IP addresses. For earlier servers (Version 7.3 or 7.4), you'll need to set the "tcpip_socket" parameter to 'true'.
You can use the postgresql.conf editor that is built into pgAdmin III to edit the postgresql.conf configuration file. After changing this file, you need to restart the server process to make the setting effective.
If you double-checked your configuration but still get this error message, it's still unlikely that you encounter a fatal PostgreSQL misbehaviour. You probably have some low level network connectivity problems (e.g. firewall configuration). Please check this thoroughly before reporting a bug to the PostgreSQL community.
Does this problem arise due to accessing same DB by two different servers?
My server accidentally restarted and then postgres service was not
showing in the services list.
You can't connect because it's not running. You can have as many clients connecting to a PostgreSQL server as your hardware can support - there is no problem with that.
Restart your PostgreSQL service. If it won't, check the logs for why. If you don't know where your PostgreSQL logs are now is a good time to find out. I can't tell you how to restart the service because you haven't said what OS you are running or how you installed PG. Check your documentation.
I have PostgreSQL 9.4 running on a Linux VPS, and I need to be able to connect to it over SSH from both Linux and Windows clients. (I will later need to connect to multiple servers, and so that all clients use the same port numbers, I'm forwarding to port 5551 for the first server, then I will use 5552, 5553, etc.)
From a Linux client I just run ssh -fNg -L 5551:localhost:5432 user#remote1.com and connect to localhost:5551 with PGAdmin3 or any other client app. Works great.
On Windows, I'm using PuTTY and Pageant. I got the connection to user#remote1.com via terminal working, then I went to the SSH Tunnels and added L5432 localhost:5551. Terminal connection still works, but when I try to connect with PGAdmin3 to localhost:5551 I get an error:
could not connect to server: Connection refused (0x0000274AD/10061) Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5551?
I resolved it. Like many things, this is obvious in hindsight. I had things backward in the SSH Tunnels setup in PuTTY. It needs to be L5551 remote1.com:5432