postgres user cannot connect to a database created by postgres user.
postgres=> CREATE DATABASE mydb ENCODING 'UTF8' ;
CREATE DATABASE
postgres=> \connect "mydb";
FATAL: Peer authentication failed for user "postgres"
Previous connection kept
Is this related to google cloud version of postgresql ?
When you create a new Cloud SQL for PostgreSQL instance, you must set a password for the default user account ‘postgres’ [1]. “Peer authentication is only available for local connections” [2]. The authentication method field ‘auth-method’ in pg_hba.conf file should be using ‘md5’ instead of ‘peer’ [2] as a password is set for the default user account. A similar error is answered here [3].
https://cloud.google.com/sql/docs/postgres/create-manage-users#user-root
https://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html
Getting error: Peer authentication failed for user "postgres", when trying to get pgsql working with rails
Related
I am following a tutorial on how to create a to do app with PERN stack.
(working on ubuntu 18.4, postgres version 12.3)
I did install the PostrgreSQL, server is running on 5000 and I am able to enter to the database from the command line with "psql -U postgres" but when I try to connect database with the server I am getting this error: password authentication failed for user "postgres".
I was not asked to give any password to the user "postgres" while instalation so I left the password in the db file empty.
My db file looks like this:
const Pool = require("pg").Pool;
const pool = new Pool({
user: "postgres",
password: "",
host: "localhost",
port: 5432,
database: "perntodo",
});
module.exports = pool;
what can I co?
I did set the postrgres authentication in pg_hba.conf file from peer to trust as I found in another issue on stockoverflow, but the error keeps appearing.
The immediate fix would be to eliminate:
host: "localhost"
from your connection settings. This would force the connection to be made on local which would be equivalent to what you are doing with psql -U postgres.
The longer term fix would be to use psql -U postgres to connect and then ALTER ROLE postgres WITH PASSWORD '<some_pwd>'. This would give this ROLE a password. You can do this with other roles that already exist by using ALTER or when you CREATE a new role in the create statement.
The connection authentication methods are controlled by the pg_hba.conf file. A full explanation of what it does is available here:
https://www.postgresql.org/docs/current/auth-pg-hba-conf.html
If the above does not answer all your questions then come back with specific concerns.
Don't use user postgres to connect your application to PostgreSQL.
Create separate user for application.
Grant to application user strict permissions only for schemes and tables what it need access.
Add pg_hba.conf record for application user
Enjoy
If I go as per your error message, then you need to reset postgres password. And I believe the default isnt working or you might have forgotten after resetting it.
Please follow below tutorial for resetting password:-
https://docs.bitnami.com/aws/infrastructure/postgresql/administration/change-reset-password/
or refer the answer for below:-
What is the default password for Postgres
I'm a newbie to PostgreSQL and I'm trying to create a user/role on Postgres 11 (running on CentOS7) which is named (e.g.) "json_docs_admin" (same for password) that I can use under the OS user (e.g.) "app_user" to connect locally to the DB.
I have tried connecting to Postgres using "postgres" user and the command "psql -d template1" and ran the following commands:
template1=# create role json_docs_admin with login password 'json_docs_admin';
CREATE ROLE
template1=# create database json_docs owner=json_docs_admin;
CREATE DATABASE
template1=# GRANT ALL PRIVILEGES ON DATABASE json_docs TO json_docs_admin;
GRANT
I have changed the /var/lib/pgsql/11/data/pg_hba.conf so that local connections can be established on the server, and I've restarted the postgresql service.
Then, back under "app_user" user, when I try to connect to the database, I get the following errors:
$psql -d json_docs -U json_docs_admin
Password for user json_docs_admin:
psql: FATAL: database "json_docs" does not exist
Could anybody let me know what am I doing wrong?
Thanks.
I created password using ALTER USER postgres PASSWORD 'newPassword' in postgresql. I am still getting the same error in amazon ubuntu server. Can any one provide solution for this?
Use this:-
ALTER USER postgres WITH PASSWORD 'newPassword';
I'm trying to set up a Heroku environment for python development following instructions on https://github.com/heroku/python-getting-started. When I run createdb python_getting_started:
I'm first prompted to give in a password: I entered the password of the user "postgres" in Postgres
I get an error message:
createdb database creation failed: ERROR: permission denied to create database
Don't really how to solve this one. The user "postgres" is allowed to create a database. I checked with \du that it is a Superuser and it has Create DB rights. What's going on here? Which user is Windows using to try to create a Postgres DB?
Most PostgreSQL utilities by default use your current OS session login for database connections.
You need to either set environment variable PGUSER to postgres or use createdb -U postgres python_getting_started.
You can read more about createdb parameters here, tho admittedly it does not mention default values.
EDIT: It actually does mention that it uses libpq defaults, and those are:
user
PostgreSQL user name to connect as. Defaults to be the same as the operating system name of the user running the application.
I want to do some cross database references in my application. Briefly, i have two databases called meta and op. I want to do some select query from meta to a table in op database like below but getting the below error. I tried with password and without password. by the way caixa user is a non-super user and my target server (op db server is having MD5 authentication mode.)
meta=> select * from dblink('dbname=op password=caixa','SELECT op_col from op_table') AS t(op_col varchar);
ERROR: password is required
DETAIL: Non-superuser cannot connect if the server does not request a password.
HINT: Target server's authentication method must be changed.
What the HINT in the above error message suggests? do i need to change the server's auth mode? Without changing the server's auth mode (MD5) can't i run the above query?
From documentation:
Only superusers may use dblink_connect to create
non-password-authenticated connections. If non-superusers need this
capability, use dblink_connect_u instead.
and
dblink_connect_u() is identical to dblink_connect(), except that it
will allow non-superusers to connect using any authentication method.
That means your dblink call is using dblink_connect implicitly. Use dblink_connect_u instead or change your auth method to e.g. md5.
Note that you also need grant execute privilege to caixa role, for example by:
GRANT EXECUTE ON FUNCTION dblink_connect_u(text) TO caixa;
GRANT EXECUTE ON FUNCTION dblink_connect_u(text, text) TO caixa;
Working example (after GRANT):
meta=> SELECT dblink_connect_u('conn1', 'dbname=op');
meta=> SELECT * FROM dblink('conn1','SELECT op_col from op_table')
AS t(op_col varchar);
op_col
--------
aaa
bbb
ccc
(3 rows)
meta=> SELECT dblink_disconnect('conn1');
EDIT:
Sorry for slightly misleading answer. Of course you don't need dblink_connect_u for md5 authenticated
connection. There is one possibility I see. PostgreSQL has two different connection types: host and local.
Running:
psql -h localhost ..
incorporates host connection, but
dblink_connect('mycon','dbname=vchitta_op user=caixa password=caixa');
uses local type, so if you have non-password method for local connection (for example ident method or trust), then it returns
ERROR: password is required
DETAIL: Non-superuser cannot connect if the server does not request a password.
HINT: Target server's authentication method must be changed.
Check
dblink_connect('mycon','hostaddr=127.0.0.1 dbname=vchitta_op user=caixa password=caixa')
for host connection. For clarity if possible please post your pg_hba.conf.
I also checked what about CONNECT privilege on vchitta_op DB, but error message is different:
REVOKE CONNECT ON DATABASE vchitta_op FROM PUBLIC;
REVOKE CONNECT ON DATABASE vchitta_op FROM caixa;
SELECT dblink_connect('mycon','dbname=vchitta_op user=caixa password=caixa');
ERROR: could not establish connection
DETAIL: FATAL: permission denied for database "vchitta_op"
DETAIL: User does not have CONNECT privilege.
There's a workaround that did the trick for me. Non-superusers can execute functions with privileges of a superuser if "SECURITY DEFINER" option is set.
( http://www.postgresql.org/docs/9.1/static/sql-createfunction.html )
That means you can create a function (with superuser owner and SECURITY DEFINER option) that does cross-database manipulation (using dblink() without password) and execute it under non-superuser
I have a similar but a different issue. I have two servers with identical postgres.conf and pg_hba.conf. However one on version 9.2.3 and one on 9.2.4
9.2.3
pg_hba.conf has
local all dblinkuser trust
then I connect to database using any ordinary user
theater_map=# select dblink_connect('dbname=TheaterDB user=dblinkuser password=dbl123');
dblink_connect
----------------
OK
(1 row)
success in connection.
9.2.4
my pg_hba.conf has the same entry as above
theater_map=> select dblink_connect('dbname=TheaterDB user=dblinkuser password=dbl123');
ERROR: password is required
DETAIL: Non-superuser cannot connect if the server does not request a password.
HINT: Target server's authentication method must be changed.
NOW
I change my pg_hba.conf on 9.2.4 as below
local all dblinkuser md5
and restart postgres
theater_map=> select dblink_connect('dbname=TheaterDB user=dblinkuser password=dbl123');
dblink_connect
----------------
OK
(1 row)
I Checked the change log between versions 9.2.3 and 9.2.4 but could not find any details.
note: changing auth method from trust to md5 on 9.2.3 does not make any difference and still works.
I found this question googling for same error message, though I use fdw extension rather than db_link. Following steps helped to fix my problem:
find user has no password and set it on - alter user myuser with password 'mypassword'
find authentication method is trust and set it to md5 - vim /var/lib/postgresql/data_/pg_hba.conf
reload pg_hba.conf - SELECT pg_reload_conf(); from psql (log out and log in to verify password is required)
(optionally try access from remote machine, db browser etc.)
setup foreign server and its user mapping - CREATE USER MAPPING FOR CURRENT_USER SERVER myserver OPTIONS (user 'myuser', password 'mypassword');
PostgreSQL 11.10
SELECT ext.column1 from
dblink('hostaddr=192.192.192.192 dbname=yourDbname user=yourUsername password=yourpass',
'select a."column1" from "Table1" a where a."column2"=2')
as ext(column1 text)