ident vs md5 for Postgres authentication - postgresql

I set up a Postgres db server on CentOS and created a database, mydb.
I access psql as system user postgres and check to see that it exists:
$ sudo -u postgres -i
$ psql
postgres=# \l
Name | Owner | ...
--------------------
mydb | postgres | ...
I then configure it:
(1) listen_addresses = 'localhost' is uncommented in postgresql.conf.
(2) I set the password for user postgres.
sudo -u postgres psql template1
ALTER USER postgres with encrypted password 'my_password';
But, connection via psql -U postgres -h localhost and Pgadm3 fail with this error:
Ident autentication failed for user "postgres"
I checked /var/lib/pgsql/9.4/data/pg_hba.conf.
ident is the default method for local IPv6 and IPv4 connections.
I change this from ident to md5.
Then, connection via Pgadmi3 and psql work as expected
Why does ident fail?

It fails due to:
The ident authentication method works by obtaining the client's
operating system user name from an ident server and using it as the
allowed database user name (with an optional user name mapping). This
is only supported on TCP/IP connections.
The ident should mean UNIX identification. In order to ident work you must run psql or PGAdmin by postgres user (default Postgres processes owner on CentOS). So make sure you made sudo su - postgres or sudo - postgres (and it works as you shown).
The md5 actually means md5 hash password identification. For me personally it easiest way.
I'm sure in your example everything works correctly :-)

Related

How do you get pgAdmin to connect to postgress

Installed postgres on Debian 10 using
# apt install postgres postgres-contrib
Can connect to it after setting the password for the postgres user
# passwd postgres
...
# su postgres
$ cd
$ pwd /var/lib/postgresql
$ psql
psql (11.17 (Debian 11.17-0+deb10u1))
Type "help" for help.
postgres=# \conninfo
You are connected to database "postgres" as user "postgres" via socket in "/var/run/postgresql" at port "5432".
postgres=#
I've installed pgAdmin on Windows and SSH into Debian with port forwarding -L 5432:localhost:5432 but pgAdmin complains that the password (that I've just set) is incorrect.
I've tried
postgres=# ALTER USER postgres PASSWORD 'password'
but it doesn't make any difference.
Update
This is suspicious; it doesn't even a password?
# psql -U postgres
psql: FATAL: Peer authentication failed for user "postgres"
Update 2
Tried to create a second user
# CREATE ROLE sa WITH LOGIN SUPERUSER PASSWORD 'password'
For some reason the psql command now asks for a password, but it does not accept the (correct) password
# psql -U sa
Password for user sa:
psql: FATAL: password authentication failed for user "sa"
I notice that \du lists only one user, postgres and not also the second user that I thought I'd created.
This is such shit.
You are running PostgreSQL over a Unix socket. pgAdmin needs a TCP/IP connection. You can fix this by making the necessary changes to postgresql.conf and pg_hba.conf. Note that PostgreSQL on Unix runs over a socket by default so you have to explicitly indicate that you want to use a TCP/IP connection. Also, make sure to restart the server after making any changes

pgAdmin and terminal: FATAL: password authentication failed for user

sup guys!
I'm trying to create a server local in pdAdmin 4, but everytime i'm trying to create i get this error:
[Error in pgAdmin]
in case 'veterano' its my username...
my tries to make this run (but doesnt work)
Checking if Postgres Service is Installed correctly:
$ sudo systemctl is-active postgresql
terminal back:
active
$ sudo systemctl is-enabled postgresql
terminal back:
enabled
$ sudo systemctl status postgresql
terminal back:
active (exited)
$ sudo pg_isready
terminal back:
/var/run/postgresql:5433 - accepting connections
My configuration to pg_hba.conf :
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all peer
host replication all 127.0.0.1/32 md5
host replication all ::1/128 md5
(every time after change something in pg_hba.conf I run $ sudo systemctl restart postgresql to restart postgress service.)
Checking psql and the new superusers:
$ sudo -u postgres createuser -s $USER
terminal back
createuser: error: creation of new role failed: ERROR: role "veterano" already exists
if I try
psql -U veterano i can login... so i try \du to check list of roles
terminal back
List of roles
Role name | Attributes | Member of
-------------+------------------------------------------------------------+-----------
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
veterano | Superuser, Create role, Create DB | {}
So I try create a localhost server in terminal:
$ psql -h localhost -d mydatabase -U veterano -p 5432
terminal back:
Password for user veterano:
(I put my password maked with ALTER USER veterano PASSWORD 'newPassword';)
terminal back error
psql: error: FATAL: password authentication failed for user "veterano"
I really don't know what to do... I tried everything and still cant create a local server in pgAdmin 4 or directly in terminal.
Using Ubuntu 20.04.2 LTS
(Sorry for my english )
This is probably too late. but I have the same issue with veterano, and what I did was to change the password for the account "postgres" that I have :
(For those who don't know, postgresql has a user named "postgres" by default after installation)
Steps:
Access PSQL
$ sudo su - postgres
Then try to change the password for "postgres" user by typing :
postgres=# \password
You can then specify any password you want for this account.
Once thats done, you can use pgAdmin to connect using "postgres" username and the password that you just set.
Either you didn't set a password for the user, or you set a different password.
Connect using psql with psql -U veterano and set the password:
veterano=> \password
Enter new password:
Enter it again:
Now you should be good.
Try putting quotation marks '' on your password at your config file.
First we have to get inside postgres through using
sudo -u postgres psql postgres
Enter password for user postgres
Now the terminal will be like this:
postgres=#
Now enter the given line after postgres=#
CREATE USER username WITH PASSWORD 'your password';
(put your password inside quotes('') and don't forget semicolon(;)

PgAdmin on Ubuntu 20.04 FATAL: password authentication failed for user

I've installed Postgres and PGAdmin4 on Ubuntu 20.04, but I'm not able to create a server and connect to the database
As I have seen in several solutions, I changed the method to md5 on my pg_hba.conf file
# Database administrative login by Unix domain socket
local all postgres md5
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
I have as well connected to psql, created new users, alter password and restart the server by running sudo systemctl restart postgresql
List of roles
Role name | Attributes | Member of
-----------+------------------------------------------------------------+-----------
postgres | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
Any ideas?
Run the following commands:
sudo -i -u postgres
Input your sudo user password
psql
ALTER USER postgres PASSWORD 'new_password';
\q
exit
Now change config file to use this new password:
sudo subl /etc/postgresql/13/main/pg_hba.conf
(subl means subliime text, you can use any other text editor).
Edit this part of the file: change peer to md5
# Database administrative login by Unix domain socket
local all postgres peer
# "local" is for Unix domain socket connections only
local all all peer
restart the postgres service
Run this command to sign into postgres using the newly created password:
psql -U postgres
sudo -u postgres psql
and set new password
postgres=# \password
Source of solution:
https://www.youtube.com/watch?v=ej08u5xPa64
First we have to get inside postgres by using
sudo -u postgres psql postgres
Enter password for user postgres
Now the terminal will be like this:
postgres=#
Now enter the given line after postgres=#
CREATE USER username WITH PASSWORD 'your password';
(put your password inside quotes('') and don't forget semicolon(;)

Ecto Postgres install error password authentication failed

I created a phoenix project from the hello example using digital ocean. I entered the username and password from the etc/motd.tail file. I keep getting the error message below. I am a beginner and for some reason I just cannot get ecto to install correctly.
** (Mix) The database for Hello.Repo couldn't be created, reason given: psql: FATAL: password authentication failed for user "elixir"
FATAL: password authentication failed for user "elixir"
You can use the following Postgress database credentials:
* User: elixir
* Pass: ***
install. Any help would be appreciated.
I get the same error using Ubuntu 14.04 and I corrected resetting the 'postgres' password:
$ sudo -u postgres psql -c "ALTER USER postgres PASSWORD 'postgres';"
and restart postgres service:
sudo service postgresql restart
I assume this error is happening on the mix ecto.create task?
This happens because Ecto uses psql to create the database, however this is no longer the case in the upcoming Ecto 2.0.
The following GitHub issue shows the same issue https://github.com/elixir-lang/ecto/issues/1207
The relevant comment with the fix is https://github.com/elixir-lang/ecto/issues/1207#issuecomment-172570064:
My database config (pg_hba.conf) was apparently wrong.
For anyone else encountering this:
host all my_user 127.0.0.1/32 trust will not work
host all my_user localhost trust will work
Please check your pg_hba.conf (likely in /etc/postsgresql/9.x/pg_hba.conf).
We just need to create a new postgresql username and password according to the files inside config folder using this db method
$ sudo -u postgres createuser <username>
$ sudo -u postgres createdb <dbname>
$ sudo -u postgres psql
psql=# alter user <username> with encrypted password '<password>';
psql=# grant all privileges on database <dbname> to <username> ;
I needed to update the pg_hba.conf to make this work.
I am using Fedora, so get to /var/lib/pgsql/data
# "local" is for Unix domain socket connections only
local all postgres peer
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 ident
Then I created an elixir user in postgres with databse creation capabilities and configured it in dev.exs (user/password/database)

How to configure postgresql so it accepts login+password auth?

I have a fresh ubuntu 10.10 install with all updates and postgresql 8.4
In order for postgresql to accept login+password connections i have configured it via:
sudo su postgres
psql
ALTER USER postgres WITH PASSWORD 'password';
CREATE DATABASE myapp;
\q
exit
sudo vi /etc/postgresql/8.4/main/pg_hba.conf
change "local all all indent" to "local all all trust"
But, surprisingly, this is not working! The command
psql -U postgres password
Evaluates with error:
psql: FATAL: Ident authentication failed for user "postgres"
Any hints how i can make the psql -U to work?
It is probably a good idea to leave the "postgres" user with ident authentication. By default I believe Ubuntu uses the "postgres" user to perform upgrades, backups, etc, and that requires that it is able to login without a specified password.
I recommend creating another user (probably with your own username) and giving it admin privileges as well. Then you can use that user with passwords on local connections.
Here is what the relevant parts of my pg_hba.conf look like:
# allow postgres user to use "ident" authentication on Unix sockets
# (as per recent comments, omit "sameuser" if on postgres 8.4 or later)
local all postgres ident sameuser
# allow all other users to use "md5" authentication on Unix sockets
local all all md5
# for users connected via local IPv4 or IPv6 connections, always require md5
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
Also note that psql -U postgres password will not do what you want. The password should never be specified on the commandline. That will try to login as user "postgres" to a database named "password".
You should use psql -U postgres myapp instead. Postgres will automatically prompt you for a password, if it is configured properly to require one.
In case we want the password be filled-in automatically, place it in $HOME/.pgpass file
I think your pg_ident.conf file is misconfigured. Also, have you tried
psql -U postgres -W
Another thing that can cause this is expired credentials. I don't think this happened in version 8, but in version 9 when you create a new role in pgadmin, it is created in an expired state and you need to change or clear the role's expiration date before you will be able to login with it.
You may find it helpful to create the database's user and schema in PostgreSQL:
Log into PostgreSQL from the postgres user
$ sudo -u postgres psql postgres
Once in, create the user and database
CREATE ROLE myuser LOGIN PASSWORD 'mypass';
CREATE DATABASE mydatabase WITH OWNER = myuser;
Log into PostgreSQL from the new user account
$ psql -h localhost -d mydatabase -U myuser -p <port>