I have a ThingsBoard Professional Edition setup using AWS EC2 instance. The database is PostgreSQL-12. I tend to get the following error: FATAL: password authentication failed for user "postgres" FATAL: password authentication failed for user "postgres" when trying to log into the remote database server on pgAdmin4.
Here is a screenshot of the error shown when attempting to log in to server created on pgAdmin4.
Here is how I configured the remote database server (where Host name/address is the Public IPv4 of my EC2 instance).
In postgresql.conf, I have replaced the line listen_address='127.0.0.1' with listen_addresses='*'.
In pg_hba.conf, I added host all all 0.0.0.0/0 md5.
Here is a screenshot of my pg_hba.conf file:
I have also set the password for the user 'postgres' using the psql command #\password.
Here is what is shown in thingboard.log when I run the command:
cat /var/log/thingsboard/thingsboard.log | grep ERROR
Partial screenshot of /var/log/postgresql/postgresql-12-main.log shows the following:
I constantly have to use #ALTER USER postgres PASSWORD ‘<password>’; to be able to overcome this error but the error tends to return when I restart my local Windows machine.
That must be done by some software other than PostgreSQL.
Configure logging by setting log_statement = 'ddl' in postgresql.conf and restarting the database. Then you can more easily figure out when and by which software your password gets changed.
Additionally, configure pg_hba.conf to not allow passwordless connections from anywhere, then change the password. You may see some component start to complain - that component may be at fault.
Normally, I would create create postgresql user like this.
sudo -u postgres psql
create user deploy_sample with password 'secret';
create database deploy_sample_production owner deploy_sample;
I tried to create the user through ansible script with this task
- name: Create database user
become: yes
become_user: postgres
postgresql_user:
user: user123
password: password123
encrypted: yes
state: present
This does create a user but i cant login using the creds.
I tried to login with this command psql --username=user123 --password. I get peer authenticate failuer error.
Ansible configuration looks correct, and may have nothing to do with the problem.
By the message we can see that it is trying to login with the Peer authentication method. This means that the O.S. user is being used to connect to the database instead of the provided password (see: https://www.postgresql.org/docs/10/auth-methods.html)
Two things you should look at:
How is your auth method configuration?
It is in the file: {data dir}/pg_hba.conf
It is possible that all local connections are configured to use peer (notice that are two types of local connections, one is called local = connection through unix socket, the other is host 127.0.0.1/32 = using network to reach localhost).
I would change the second one to use md5 method, this way you will be able to connect with user/pass using network, but still use peer for local connection - useful for the system user postgres
Connect with the application user using network
psql --username=user123 -> PSQL program will try to use local connections by default, meaning that the Peer authentication is used. You probably don't have the user user123 on the system so this will fail!
psql -h localhost --username=user123 -d <database> -> This way you will connect to local machine using network, thus allowing to authenticate with password.
I recently installed Postgresql 11, during the installation, there's no step to put password and username for Postgres. Now in pgAdmin 4, I wanted to connect the database to server and it's asking me to input password, and I haven't put any in the first place.
Any one knows what's going on. Thank you!
The default authentication mode for PostgreSQL is set to ident.
You can access your pgpass.conf via pgAdmin -> Files -> open pgpass.conf
That will give you the path of pgpass.conf at the bottom of the window (official documentation).
After knowing the location, you can open this file and edit it to your liking.
If that doesn't work, you can:
Find your pg_hba.conf, usually located under C:\Program Files\PostgreSQL\9.1\data\pg_hba.conf
If necessary, set the permissions on it so that you can modify it. Your user account might not be able to do so until you use the security tab in the properties dialog to give yourself that right by using an admin override.
Alternately, find notepad or notepad++ in your start menu, right click, choose "Run as administrator", then use File->Open to open pg_hba.conf that way.
Edit it to set the "host" line for user "postgres" on host "127.0.0.1/32" to "trust". You can add the line if it isn't there; just insert host all postgres 127.0.0.1/32 trust before any other lines. (You can ignore comments, lines beginning with #).
Restart the PostgreSQL service from the Services control panel (start->run->services.msc)
Connect using psql or pgAdmin4 or whatever you prefer
Run ALTER USER postgres PASSWORD 'fooBarEatsBarFoodBareFoot'
Remove the line you added to pg_hba.conf or change it back
Restart PostgreSQL again to bring the changes to effect.
Here is an example of the pg_hba.conf file (METHOD is already set to trust):
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
NOTE: Remember to change the METHOD back to md5 or other auth-methods listed here after changing your password (as stated above).
For Windows variant - I too experienced this nasty bug because of pgAdmin for my Windows x64 install of version 9.2. It left my production paralyzed.
In folder C:\Program Files\PostgreSQL\9.2\data or C:\Program Files (x86)\PostgreSQL\9.x\data, you'll find the pg_hba.conf text file.
Find the following lines:
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
and change METHOD md5 to "trust" like this:
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
From Windows>Run type "services.msc" and enter find the right PostgreSQL instance and restart it.
Your DB security is now blown wide open! Heed the warning to return it back to md5 after changing the user password expiry time to say year 2099 for all the relevant users.
Change the password of default use
ALTER USER postgres WITH PASSWORD 'new_password';
Note: CREATE USER is the same as CREATE ROLE except that it implies LOGIN.
$ psql postgres
postgres=# create user postgres with superuser password 'postgres';
After successfully changing the master password
If you get the same error even after following the master password reset steps
Open your command prompt and execute
psql -U postgres
It will ask you for the password, enter the new password which you set now parallelly open SQL shell(psql) and try again with the new password
I have tried all the above mentioned solutions, trust me northing worked! I have resolved the issue by using following commands
psql -U default
\password
Enter new password:
Enter it again:
my username is : default
This worked perfectly for me.
For Linux user try this
//CHECK POSTGRES IS WORKING OR NOT
sudo systemctl status postgresql
//THIS WILL ACCEPT PORTS
sudo pg_isready
sudo su postgres
//NAVIGATE TO SQL TERMINAL / BASH
psql
//CREATE A NEW USER WITH PASSWORD
CREATE USER shayon WITH PASSWORD 'shayon';
try using psql -U postgres if have put password while installing this is command where you have to use that. Thank you :)
Option 1: If you use trust
Better change only postgres to trust in the pg_hba.conf, then access your db with postgres super user and add other users and passwords with the power of the postgres super user, then change all other peer to md5.
The steps: In the pg_hba.conf, change
local postgres to trust
do not change local all to trust,
instead change local all from peer to md5 - which means that a right password is enough to login.
See this solution in detail at the second answer of 'Getting error: Peer authentication failed for user "postgres", when trying to get pgsql working with rails'.
Option 2: Use md5, no trust needed (recommended)
This way is even easier because you will need to change the pg_hba.conf only once:
Change any local user from peer to md5, usually:
Change local postgres from peer to md5
Change local all from peer to md5
Add a postgres pw with the power of your Linux pw only:
sudo su postgres
psql (or psql -p <port> if you have more than one PostgreSQL)
\password
\q
See the accepted answer and the comments of "Getting error: Peer authentication failed for user "postgres", when trying to get pgsql working with rails".
I solved this problem by changing peer to trust in the file "pg_hba.conf" at local postgres then I restarted the postgres service with the command:
sudo service postgresql restart
That's it.
This particular situation I'm about to mention probably doesn't come up very often, but I was getting this error as well. After looking into it, it was because I had a local postgres instance listening on port 5433, and I was trying to set up a Kubernetes tunnel to a remote PG instance mapped to local port 5433 as well. It turns out the command I was running was attempting to connect to the local instance rather than the remote instance. When I temporarily stopped the local instance, I was able to connect to the remote instance through the tunnel without changing the psql command I was using.
I know this is an old question, but I had the same problem, e.g. no dialog for setting password for Postgres during installation with Postgresql 11.
Instead of doing all the file manipulations suggested in the other answers, I deleted Postgresql 11 and installed Postgresql 12, where I was prompted for setting password during installation.
Loggin to PgAdmin4
Go to
Object > Create > Login/Group Role
Create the "username" that was named in the psql terminal
Create password
Give it all the rights
Save
try the password immediately in the psql terminal.
It worked for me.
Hope this works for you.
You can use the "superuser" password for the first time.
After that you can use Object > Create > Login/Group Role to change the password for the "postgres" user.
I currently had a headhache solving this case. A friend helped me I decided to post my solution here.
Open pg_hba.conf in any text editor (you can find this file in your postgres instalation folder > data);
Change all the methods fields to trust (meaning you don't need a password for postgre);
Run in your console this comand: "alter user postgres with password '[my password]';" | psql -U postgres (meaning to alter some user password for [my password] for the user as parameter -U postgres);
Et voilà (don't forget to change back the method from trust for the one that should be best for you).
I hope this help someone someday.
For those of you who got this error and NONE of these answers helped, I may not have StackOverflow fish for you, but I'll teach you how to fish!
You likely don't have the correct order of lines in the pg_hba.conf file. If you read this PostgreSQL documentation link below, it says this error can be thrown if "no matching entry is found". However, that is NOT always true! Documentation is written by humans and humans make mistakes.
https://www.postgresql.org/docs/current/client-authentication-problems.html
The truth is that a line further up might take precedence, is qualifying and is forcing you to use a password stored in PostgreSQL rather than delegated authentication or some other method. If you are not specifying a password stored in PostgreSQL, then you do not need the LOGIN role attribute. Put a line at the very top of this list with your specific user, authentication protocol, network details and other criteria. Also, many may think that most computers use IPv4. Try IPv6 and you'll be surprised. Once you know the very specific criteria of your issue and place a line at the top, then you have established the ONLY RELIABLE WAY to troubleshoot these pg_hba.conf issues without source code debugging!
Another helpful trick is to create a crapload of Server entries in pg_admin (SQL IDE for PostgreSQL) with all of your users and authentication protocols for testing. When you test different scenarios, you'll instantly know which ones fail.
Also, whenever you change this file, restart the PostgreSQL service, before testing the user.
You're welcome my friend. :)
Follow below stepsif you are using pgAdmin4 and facing error in updating password :
1] Open file "pg_hba.conf" and find "IPv4 local connections"
2] See the value under "Method" column, it must be set to "md5" becase you selected it while installing.
3] Make "md5" value blank and save the file. Restart pgAdmin4 application.
4] Now again set the value back to "md5" and input your password in pgAdmin application.
You should be successfully able to do it.
windown 11 - postgres 14
open pgAdmin4 - click servers
right-click on your windows user name rule, e.g: MyUserName.
definition tab - enter password, click save.
open/re-open terminal
run: psql "postgres:///"
if you get "MyName database doesn't exist" you're good to go
I have installed Openbravo ERP 3.0 in Ubuntu 12.04(LTS). After completed the installation I tried to connect with postgresql database using pgadmin 9.1. I gave all the details as mentioned in this link: http://wiki.openbravo.com/wiki/Installation/Appliance/Openbravo.
Also I have changed the config file settings like listen_addresses="*". I got this error after I click "Ok" button
Could anyone give suggestion to fix this error? Thanks in advance.
Actually the problem comes because of not mentioning the local cluster or data area for PostgreSQL. To do this after installing Openbravo, need to give this command in terminal
psql -d openbravo -U tad -h localhost -p 5932
Finally give the PostgreSQL configuration details as mentioned in this link
It works fine now...
To be able to reach the server remotely you have to add the following line into the file: /var/lib/pgsql/data/postgresql.conf:
listen_addresses = '*'
PostgreSQL, by default, refuses all connections it receives from any remote address. You have to relax these rules by adding this line to /var/lib/pgsql/data/pg_hba.conf:
host all all 0.0.0.0/0 md5
This is an access control rule that lets anyone login from any address if a valid password is provided (the md5 keyword). You can use your network/mask instead of 0.0.0.0/0 to only allow access from certain IP addresses.
When you have applied these modifications to your configuration files, you will need to restart the PostgreSQL server.
/etc/init.d/postgresql start
Now, you will be able to login to your server remotely
I've installed postgresql 9.2 on linux (kubuntu) and the last version of pgadmin3, but when I connect them I have this error:
An error has occurred:
Error connecting to the server: fe_sendauth: no password supplied
What can I do?
I have also configured tomcat for my web application in java. In fact, postgresql was working before trying my application.
Change the password for role postgres:
sudo -u postgres psql postgres
alter user postgres with password 'postgres';
Try connect using "postgres" for both username and password.
Refer to: How to change PostgreSQL user password
Whether a password is required depends on your settings in pg_hba.conf. And there are different ways you can connect - different settings in pg_hba.conf may apply.
I quote the help shipped with pgAdmin 3 for the "Host" field in the connection ("server") settings:
The host is the IP address of the machine to contact, or the fully
qualified domain name. On Unix based systems, the address field may be
left blank to use the default PostgreSQL Unix Domain Socket on the
local machine, or be set to an alternate path containing a PostgreSQL
socket. If a path is entered, it must begin with a “/”. The port
number may also be specified.
If you connect via Unix socket the rules for "local" apply.
Whereas when connecting via TCP/IP "host" (or "hostssl") rules applies.
If you have a line like this at the top your pg_hba.conf file:
local all all peer
or:
local all all ident
.. then you can connect locally without password if your system user is "postgres" and your database user is "postgres", too.
I realize this is question is years old, but I ran into this same problem today and have a solution that uses trust in a limited but useful way.
As in many development shops, when the devs need a QA postgres password, they just yell it, message it, email it, write it on their foreheads, etc. And I'm like, "This is really bad. I need to figure out a way to use PKI here." We also use pgAdmin3.
First, add a line like this to your pg_hba.conf, where dev represents the user for the developers in your shop:
host all dev 127.0.0.1/32 trust
Drop the developers' public key in their authorized_keys folder on the database server. Now have them ssh into the server with the -L flag with a command similar to the following:
ssh -i ~/.ssh/id_rsa -L5432:127.0.0.1:5432 -vvv 101.102.103.104
This allows one to use the postgres port as if it were localhost. Of course, replace the key, server and make sure to map to an open port locally (if you have a local postgres running, it's probably bound to 5432). I use a pretty verbose flag so I can easily troubleshoot any ssh issues.
Open another terminal and issue this command:
psql -h 127.0.0.1 -U dev -p 5432
You should have access to the database and never be prompted for a password, which I think is great because otherwise, the devs will just waive the password around with little regard to security, passing it out like Halloween candy.
As of now, PgAdmin3 will still prompt you for a password, even though -- plain as day -- you do not need it. But other postgres GUIs will not. Try Postico. It's in beta but works great.
I hope this answer helps anyone like me who would rather use PKI for postgres auth rather than sharing passwords willy-nilly.
Met this problem recently.
If you're using PostgreSQL on local machine, and psql works well without logging needed, try pgadmin3's menu File - Add Server - Properties tab, fill in Name field for this connection, leave Host field and Password field empty, and click ok.
from pgadmin docs
On Unix based systems, the address field may be left blank to use the
default PostgreSQL Unix Domain Socket on the local machine, or be set
to an alternate path containing a PostgreSQL socket. If a path is
entered, it must begin with a “/”.
Worked on Debian testing (pgadmin3 1.22, PostgreSQL 11), without touching pg_hba.conf.
For me, I run pg_ctl -D /usr/local/var/postgres start, start the server, then everything is OK, it will pop out the connection host port.