I've been trying to edit pg_hba.conf file in order to be able to access the server using just the IP address with, so far, no success.
For example, I can access using «localhost», but I want to access using the IP address that my router gave me which is something like 192.168.1.X
This is mi pg_hba.conf:
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres trust
#host replication postgres 127.0.0.1/32 trust
#host replication postgres ::1/128 trust
host all all 0.0.0.0/0 trust
Any help?
First, edit the postgresql.conf file, and set listen_addresses. The default value of 'localhost' will only listen on the loopback adaptor. You can change it to '*', meaning listen on all addresses, or specifically list the IP address of the interfaces you want it to accept connections from. Note that this is the IP address which the interface has allocated to it, which you can see using ifconfig or ip addr commands.
You must restart postgresql for the changes to listen_addresses to take effect.
Next, in pg_hba.conf, you will need an entry like this:
# TYPE DATABASE USER ADDRESS METHOD
host {dbname} {user} 192.168.1.0/24 md5
{dbname} is the database name you are allowing access to. You can put "all" for all databases.
{user} is the user who is allowed to connect. Note that this is the postgresql user, not necessarily the unix user.
The ADDRESS part is the network address and mask that you want to allow. The mask I specified will work for 192.168.1.x as you requested.
The METHOD part is the authentication method to use. There are a number of options there. md5 means it will use an md5 hashed password. 'trust' which you had in your sample means no authentication at all - this is definitely not recommended.
Changes to pg_hba.conf will take effect after reloading the server. You can to this using pg_ctl reload (or via the init scripts, depending on your OS distro).
Related
PostgreSQL 13 is running on a remote machine in a docker container. I can't get access to it remotely in any way, the error is
no pg_hba.conf entry for host,
ssl is disabled.
Connect from the local machine by the host name localhost or 127.0.0.1 is excellent. But if I set a own IP of the current server 192.168.1.102 - I am getting the error. And from any remote machine it is the same
postgresql.conf
listen_addresses = '*'
pg_hba.conf
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
#host all all 127.0.0.1/32 trust
host all all all trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all trust
host replication all ::1/128 trust
host all all all md5
I did a container restart and the postgres user has a password
Thanks
Try use
docker run --publish=192.168.1.102:<exposed-port>:<container-port> postgresql-image
Also make sure you can ping to IP from other PC. Firewalls, Virus guards etc should check.
There are a great number of solutions described here
I'm currently really struggling with a postgres 9.1 database which i need for testing my software. I did not create this database but i used to log in before with postgres as a user and password. However, right now it is impossible for me to create a connection even with pgadmin3 from the same machine the database is running on. I tried a million combinations in pg-hba.conf like:
host all all 192.168.10.178/32 trust
or
host all all 0.0.0.0/0 trust
or
host example postgres 192.168.10.178/32 trust
or
host all all ::1/128 md5
Ip4 adress of server is 192.168.10.178, subnet mask is 255.255.245.0. The machine is running windows server 2008 and i'm logged in with admin rights (if that matters). In postgresql.conf the following lines are set:
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)
I'm not familiar at all with postgres and what i read until now about pg_hba.conf did not get me any further. I would have expected that at least with the second setting from above it would let me log in without password not caring about user or host ip. But somehow pgadmin 3 still asks for a password for user 'postgres' and if i use 'postgres' it just tells me:
password-authentication for user 'postgres' failed
Please, can anyone tell me what the hell i'm supposed to do?
This is what my settings look like:
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all nnn.nn.nnn.nnn/32 trust
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
(Obviously the n's are numbers I've hidden from my actual IP address.)
As #VaoTsun said, make sure the lines are in the order you wish them applied, because the first one that matches will be what is used. So if for example you have samenet set to md5, then next line you have samehost set to trust, you will get md5 because samenet is valid for your connection.
However I strongly suspect the issue is that the IPv6 connection entry is either commented out, or set to md5 (or both). I don't know exactly why, but I know on a lot of our 2008 servers, it will use the IPv6 setting rather than the IPv4. Maybe it depends if IPv6 is enabled on the machine. Set that entry as per my settings above, and I bet that will do it.
Also, unless you've configured PGAdmin to save your password, it will still ask you for a password even if trust is properly set. Just hit enter without typing in a password, and it should allow you in. (Assuming your settings have been set correctly.)
I followed this tutorial.
I managed to set up everything and do exactly as it was mentioned in the tutorial.
But when I tried to connect to it using PGADMIN 4, i get connection time and out and I was never able to fix it.
then I found this link, which has the following command:
sudo -i -u postgres
psql
\conninfo
then I cans see the following message:
You are connected to database "postgres" as user "postgres" via socket in "/var/run/postgresql" at port "5432".
So I dont understand what is wrong now and when I type:
sudo nano ../../etc/postgresql/9.3/main/pg_hba.conf
to see the content of the file and I put my password, its not being accepted.
Then I restart everything by closing the window and open it again, then I can check out the file:
# If you change this first entry you will need to make sure that the
# database superuser can access the database using some other method.
# Noninteractive access to all databases is required during automatic
# maintenance (custom daily cronjobs, replication, and similar tasks).
#
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
# IPv4 remote connections for the tutorial:
#host all all 127.0.0.1/32 md5
#host all all 35.196.55.208/32 md5
host all all all md5
The last 4 lines I've added to fix the problem, but nothing yet.
What am I doing wrong? I'm looking at many tutorials, and also several pages from Stack Overflow but still nothing!
You have not provided permission to connect remotely.
In the given tutorial, Connecting remotely section it is clearly mentioned that you need to provide your IP address in the pg_hba.conf file.
Replace [YOUR_IPV4_ADDRESS] with the address of your local computer.
Also, In the Instances page in the Google Cloud Platform Console, click the
instance to open its Overview page. Select the Authorization tab.
Under Authorized networks, click Add network and enter the IP address
of the client machine where your client is installed. Click Done, then
click Save at the bottom of your page to save your changes. Connect to
your instance, either with SSL or without SSL.
Provide your IP address in the pg_hba.conf file, Restart Postgres service and try again.
In postgresql.conf I have:
listen_addresses = "*"
My pg_hba.conf looks like:
local all postgres md5
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
#host all all myIPADDRESS md5
If I uncomment the last line
pgadmin says it cannot access and to make sure whether the port is accessible. I have flushed the iptables to have no rules, so the firewall is not stopping it.
local access to the database from my scripts is not working
With the last line commented:
pgadmin says that no pg_hba.con entry for my IP address
I am able to access the database locally on the server from my scripts
What am I missing to make the configuration right?
Thanks.
Looking at this post. After adding to pg_hba.conf:
host all all ::/0 trust
host all all my.ipv4.IP/32 trust
It works now.
Not sure if order is important in pg_hba.conf but, I put mine at top and also tried with and without IP and both worked.
Had same problem with psql via command line connecting and pgAdmin not connecting on RDS with AWS. I did have my RDS set to Publicly Accessible. I made sure my ACL and security groups were wide open and still problem so, I did the following:
sudo find . -name *.conf
then sudo nano ./data/pg_hba.conf
then added to top of directives in pg_hba.conf file host all all 0.0.0.0/0 md5
and pgAdmin automatically logged me in.
This also worked in pg_hba.conf file
host all all md5 without any IP address and this also worked with my IP address host all all <myip>/32 md5
As a side note, my RDS was in my default VPC. I had an identical RDS instance in my non-default VPC with identical security group, ACL and security group settings to my default VPC and I could not get it to work. Not sure why but, that's for another day.
I am new to this type of database and I try to connect to it through the command line specifying psql, and then entering the password as blank. I get the above error (in the title of this question).
I dont know what the default password.
pg_hba file:
IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
host replication DIMA 127.0.0.1/32 trust
host replication DIMA ::1/128 trust
postgresql.config
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)
I restart the server this way:
C:\metasploit\postgresql\bin\pg_ctl -D "C:\metasploit\postgresql\myData" -l logfile start
All I want is to enter the database and change my password. And preferably to enter the PgAdmin-III (in GUI form)
If you were using trust authentication (which you should only use for development, if then) you would not be prompted for a password by psql.
I'd say you didn't properly restart the server. Maybe use restart instead of start?
As Craig said, you probably didn't restart the server and you should use restart instead of start. (reload may work as well but not as sure on Windows)
But that is not your problem. The key problem is almost certainly that you are not connecting to localhost and you have lines in your pg_hba.conf that are requiring passwords from other hosts.
Note if you connect to an external IP address, you will hit a different or more general rule.
This error means, basically, that the pg_hba.conf file is set to password authentication but no password was supplied. If you cannot find the problem quickly, what IP address the connection is from should be in the postgresql log file.
As for using trust, you should certainly change it back after changing your password. Ordinarily I would agree with Craig that one should not use trust authentication outside of development, but it is a legitimate approach to password resets of important users, and on Windows, this has to be done in ways supported well on the platform.
As a final note the question is how you are logging in. If you are going to set this, you should probably use psql -h 127.0.0.1 [dbname] to ensure Windows doesn't do something weird like try to connect using the machine name (and hence external IP).