I have PostgreSQL server running on some host pgserver. This server is not opened to the outside world (only connections from localhost are allowed). I can login to that host as user via ssh (with public key):
me#local:~ $ ssh user#pgserver
Then I can su to specific user pguser to run queries.
user#pgserver:~ $ sudo su pguser
pguser#pgserver:~ $ psql
I need to enter user's sudo-password here. I can't connect as pguser and don't know his password. I also don't have access to the database as user.
Now to simplify development I would like to setup ssh-tunnel from my local machine to the pgserver:
me#local:~ $ ssh -L localhost:5432:localhost:5432 user#pgserver
The problem is that while user has access to the server, he doesn't have access to database. pguser has it, but doesn't have access to the server. What is frustrating is that I can actually sudo to pguser's account and run queries after I've connected as user.
Can I solve this in some way?
Try
ssh -t -l user pgserver sudo -u pguser psql
The -t forces ssh to allocate a pty on the other end so there's
a terminal for password input and such.
Related
I have initialized a pg database as such:
user_name#my_machine$ sudo -u postgres createuser -s user_name
user_name#my_machine$ createdb -T template0 db_name
I can now connect to it via psql via user_name#my_machine$ psql db_name
and everything works well with the CLI tooling.
The relevant auth line of /etc/postgresql/13/main/pg_hba.conf is:
local all all peer
Now I'd like to connect to it via PgAdmin 4, and I can't find a way to tell the interface that I want to connect via unix socket and don't need a password.
The sanest way I can think is:
but the connection is still rejected with a fe_sendauth: no password supplied.
I know I could configure a password for my user and give it, but I'd like to know if I can make PgAdmin behave properly.
Short answer: put /var/run/postgresql in host name/address.
I am trying to connect to a locally running postgres on docker.
I am running the basic tutorial initialization:
docker run --name some-postgres -e POSTGRES_PASSWORD=mysecretpassword -d postgres
when I try: pgcli -h localhost -U postgres postgres I get password denied. I have also tried with pguser. I have also tried setting the username as well with the same result.
When I try with a generic database application, DBeaver, same result password denied.
I have tried going in to the running container and resetting the password as well: docker exec -it <hash> bash and then manually setting the password again to something simple.
I was getting a similar error with port 5432 (default) and I had a local postgres installation too, which is creating the problem. To avoid the two instances fighting for same port, two things can be done.
Stop instance of local postgres
In docker container postgres path, open postgresql.conf and change default port.
I faintly remember postgresql to
a) have a different password for a postgresql account than the one you have to set for the linux user account and
b) having to activate logging in with a username and password somewhere in the config
Hope this helps, just something off the top of my head
I'm trying to connect to a psql database on a remote server.
So I ssh tunnel into the remote server with port forwarding as below
ssh -L 7777:psqlServerHost.com:5432 me#remoteServerHost.com
Unfortunately using this method I'm unable to authenticate properly when I try the below command on separate terminal on my local
psql -h localhost -p 7777 -U user database
I would get
FATAL: password authentication failed for user
However if I were to directly ssh into me#remoteServerHost.com I would be able to connect to the database with the same credentials using the below command
psql -h psqlServerHost.com -U user database
I imagine this is probably a configuration file somewhere that I've missed, but I can't seem to find any similar queries that are helpful on the internet.
In Ubuntu 16.04 I created second postgres database cluster, called cmg, with a local user as the admin user:
pg_create -u "local_username" -g "local_usergroup" -d /path/to/data/dir 9.5 cmg
The cluster was started with:
pg_ctrlcluster 9.5 cmg start
which ran successfully (pg_lsclusters show both are online)
The problem is I cannot connect to the cluster using psql as is normally done.
I tried using:
psql -h 127.0.0.1 -w -p5433 -U local_username
which fails with:
psql: fe_sendauth: no password supplied"
Is there any way to connect to the specific cluster?
use psql -h your_socket_dir -p5433 -U postgres to connect locally (uses peer auth by default - thus high chahce to login wothout password)
once logged in - set up password (create user if needed) and use it connecting remotely
psql -h 127.0.0.1 -p5433 -U local_username
in your connect string you had -w which is never ask for a password https://www.postgresql.org/docs/current/static/app-psql.html which would by default work only for local connections
I think the default pg_hba.conf when you start up a new cluster expects you to authenticate with peer connections, so you need to change user to your local user before connecting
[root#server~]# su - local_username
>> Enter password:
> password
[local_username#server~]# psql -h 127.0.0.1 -p 5433
You can check your pg_hba.conf file in /path/to/data/dir/pg_hba.conf to see how it expects you to authenticate.
Alternatively, if you cannot get access as your 'local_username' then instead su to postgres user in the instructions above and it should work
I always have to give the command like sudo -u postgres psql in order to login into Postgres console. What do I have to in order to login into postgres like sudo psql or psql
The environment I am working on is Ubuntu Linux 12.04
Thanks in advance.
It's normal that after the installation, only the postgres user is able to do anything with the database server. The installer can't assume that we'd want to open access to anyone else.
To give yourself access as a casual user, assuming as an example that your login name is joe (your normal, non-priviledged user), you just need to create a corresponding user and database:
Inside psql as the postgres administrator (with sudo -u postgres psql), issue:
CREATE USER joe;
CREATE DATABASE joe OWNER joe;
After that, when issuing psql at the shell prompt, it will connect by default to your own database with your username. You no longer have to sudo to postgres until you need to issue other administrator commands.
Your psql is in /usr/bin/psql. You shouldn't need to use sudo unless your permissions are wrong, or unless your link is wrong. (In later versions of PostgreSQL, /usr/bin/psql is a symbolic link to the executable. I don't know whether that's true in 8.4. On my home computer, it links to /usr/share/postgresql-common/pg_wrapper.)
The full skeleton syntax for psql is
psql -U username -h hostname -p portnumber database_name
So, for example, when I connect to my scratch database (named "sandbox"), I do it like this.
$ psql -U postgres -h localhost -p 5432 sandbox
You would substitute
your database username (which must already exist, and which isn't necessarily the same as your network/computer username),
your hostname (but "localhost" is probably right for a local install of PostgreSQL),
the port PostgreSQL is listening on (but 5432 is probably right; it's the default), and
your database name.
Would
psql -U psql
work for you?
EDIT:
I though you would mind about sudo.
If your problem is rather typing -U <user>, you could also set the environment variable PGUSER. This could also be done in your shell's logon script, so that it will always be set.
The other enviroment variables of interest might be PGDATABASE, PGHOST, PGPORT.