AWS RDS: How to Connect to Instance - postgresql

I just set up an Amazon RDS instance. I have a separate application server and I am trying to figure out how to connect to the RDS instance from my EC2 application server. On the Instance page, I have
enbdpoint: mycompany.czdv3mj7ps25.us-west-2.rds.amazonaws.com:5432
I tried to login into to psql using that address but I got
$ psql -h mycompany.czdv3mj7ps25.us-west-2.rds.amazonaws.com:5432 -U myuser -d mydb
psql: could not translate host name "mycompany.czdv3mj7ps25.us-west-2.rds.amazonaws.com:5432" to address: Name or service not known
How do I connect to the instances database? I don't see any other ip addresses in the RDS console.

You have wrong syntax. The correct syntax is:
$ psql --host mycompany.czdv3mj7ps25.us-west-2.rds.amazonaws.com --port 5432 --username myuser --dbname mydb
You have specified port information wrong in you command. the port has to be specified using --port option and not hostname:port

This syntax worked for me in the psql command line:
\connect dbname username hostname port#
If the information is correct it will take a couple seconds to process then it will ask for your password
Also make sure the security group for your instance, the outbound/inbound is setup to allow access from your IP

Related

PgAdmin 4 password-less connection to local database via unix socket

I have initialized a pg database as such:
user_name#my_machine$ sudo -u postgres createuser -s user_name
user_name#my_machine$ createdb -T template0 db_name
I can now connect to it via psql via user_name#my_machine$ psql db_name
and everything works well with the CLI tooling.
The relevant auth line of /etc/postgresql/13/main/pg_hba.conf is:
local all all peer
Now I'd like to connect to it via PgAdmin 4, and I can't find a way to tell the interface that I want to connect via unix socket and don't need a password.
The sanest way I can think is:
but the connection is still rejected with a fe_sendauth: no password supplied.
I know I could configure a password for my user and give it, but I'd like to know if I can make PgAdmin behave properly.
Short answer: put /var/run/postgresql in host name/address.

How to connect to an alternative local postgresql cluster for the fist time?

In Ubuntu 16.04 I created second postgres database cluster, called cmg, with a local user as the admin user:
pg_create -u "local_username" -g "local_usergroup" -d /path/to/data/dir 9.5 cmg
The cluster was started with:
pg_ctrlcluster 9.5 cmg start
which ran successfully (pg_lsclusters show both are online)
The problem is I cannot connect to the cluster using psql as is normally done.
I tried using:
psql -h 127.0.0.1 -w -p5433 -U local_username
which fails with:
psql: fe_sendauth: no password supplied"
Is there any way to connect to the specific cluster?
use psql -h your_socket_dir -p5433 -U postgres to connect locally (uses peer auth by default - thus high chahce to login wothout password)
once logged in - set up password (create user if needed) and use it connecting remotely
psql -h 127.0.0.1 -p5433 -U local_username
in your connect string you had -w which is never ask for a password https://www.postgresql.org/docs/current/static/app-psql.html which would by default work only for local connections
I think the default pg_hba.conf when you start up a new cluster expects you to authenticate with peer connections, so you need to change user to your local user before connecting
[root#server~]# su - local_username
>> Enter password:
> password
[local_username#server~]# psql -h 127.0.0.1 -p 5433
You can check your pg_hba.conf file in /path/to/data/dir/pg_hba.conf to see how it expects you to authenticate.
Alternatively, if you cannot get access as your 'local_username' then instead su to postgres user in the instructions above and it should work

Getting an error trying to connect to Amazon RDS with Postgresql

I am new to AWS and Postgresql. I am trying to connect a AWS RDS db in which I have setup a PostGresql database.
psql -h <name_of_my_instance>.ctmkmqls5kgp.ap-southeast-1.rds.amazonaws.com:5432
psql: could not translate host name <name_of_my_instance>.ctmkmqls5kgp.ap-southeast-1.rds.amazonaws.com:5432 to address: nodename nor servname provided, or not known
I have edited the command and the error message that I got. would be replaced by the actual name of my instance.
Can someone please help me with this error.
Thank you.
Use -p option to specify your port number. -h option is only to specify your host.
Try this way :
psql -p 5432 -h <name_of_my_instance>.ctmkmqls5kgp.ap-southeast-1.rds.amazonaws.com -U <your user name>

PostgreSQL: Remotely connecting to Postgres instance using psql command

I want to remotely connect to a Postgres instance. I know we can do this using the psql command passing the hostname
I tried the following:
psql -U postgres -p 5432 -h hostname
I modified the /etc/postgresql/9.3/main/pg_hba.conf file on the target machine to allow remote connections by default
I added the following line to the file
host all all source_ip/32 trust
I restarted the cluster using
pg_ctlcluster 9.2 mycluster stop
pg_ctlcluster 9.2 mycluster start
However, when I try to connect from the source_ip, I still get the error
Is the server running on host "" and accepting TCP/IP connections on port 5432?
What am I doing wrong here?
I resolved this issue using below options:
Whitelist your DB host from your network team to make sure you have access to remote host
Install postgreSQL version 4 or above
Run below command:
psql -h <REMOTE HOST> -p <REMOTE PORT> -U <DB_USER> <DB_NAME>
psql -h <IP_Address> -p <port_no> -d <database_name> -U <DB_username> -W
-W option will prompt for password. For example:
psql -h 192.168.1.50 -p 5432 -d testdb -U testuser -W
I figured it out.
Had to set listen_addresses='*' in postgresql.conf to allow for incoming connections from any ip / all ip
Step Wise below
Opening the Port - Make sure the PSQL Port is open to all remote connections or connections from a specific set of IPs as per your requirement. PSQL, in general, runs at port 5432, and it is configurable, so expose relevant Port accordingly.
Update Remote Server PSQL Configuration - Set listen_addresses = '*' in postgresql.conf file, path in general is /etc/postgresql/psql_version/main/postgresql.conf
Connect remotely - psql -U <db_username> -h <IP_address> - in case psql is running on a port other than 5432 on the remote server, specify port by adding -p <port_number>
A little plus below -
In case the IP has been mapped to a domain name, you can connect by replacing <IP_address> with <host_name>. To do this, add a new connection rule in pg_hba.conf file
Note -
All above explained can cause security issues - best practice always is to either keep your psql port closed, or only allow a list of IPs to connect through the port.
Note that "ident" in pg_hba.conf requires a "ident server" to be running on the client.

Using psql to connect to PostgreSQL in SSL mode

I am trying to configure ssl certificate for PostgreSQL server. I have created a certificate file (server.crt) and key (server.key) in data directory and update the parameter SSL to "on" to enable secure connection.
I just want only the server to be authenticated with server certificates on the client side and don't require the authenticity of client at server side. I am using psql as a client to connect and execute the commands.
I am using PostgreSQL 8.4 and Linux. I tried with the below command to connect to server with SSL enabled
psql "postgresql://localhost:2345/postgres?sslmode=require"
but I am getting
psql: invalid connection option "postgresql://localhost:2345/postgres?sslmode"
What am doing wrong here? Is the way I am trying to connect to server with SSL mode enabled is correct? Is it fine to authenticate only server and not the client ?
psql below 9.2 does not accept this URL-like syntax for options.
The use of SSL can be driven by the sslmode=value option on the command line or the PGSSLMODE environment variable, but the default being prefer, SSL connections will be tried first automatically without specifying anything.
Example with a conninfo string (updated for psql 8.4)
psql "sslmode=require host=localhost dbname=test"
Read the manual page for more options.
psql --set=sslmode=require -h localhost -p 2345 -U thirunas \
-d postgres -f test_schema.ddl
Another Example for securely connecting to Azure's managed Postgres database:
psql --file=product_data.sql --host=hostname.postgres.database.azure.com --port=5432 \
--username=postgres#postgres-esprit --dbname=product_data \
--set=sslmode=verify-full --set=sslrootcert=/opt/ssl/BaltimoreCyberTrustRoot.crt.pem
Well, you could provide all the information with the following command in CLI, if a connection requires in SSL mode:
psql "sslmode=verify-ca sslrootcert=server-ca.pem sslcert=client-cert.pem sslkey=client-key.pem hostaddr=your_host port=5432 user=your_user dbname=your_db"
Found the following options useful to provide all the files for a self signed postgres instance
psql "host={hostname} sslmode=prefer sslrootcert={ca-cert.pem} sslcert={client-cert.pem} sslkey={client-key.pem} port={port} user={user} dbname={db}"
On psql client v12, I could not find option in psql client to activate sslmode=verify-full.
I ended up using environment variables :
PGSSLMODE=verify-full PGSSLROOTCERT=server-ca.pem psql -h your_host -U your_user -W -d your_db
psql "sslmode=require host=localhost port=2345 dbname=postgres" --username=some_user
According to the postgres psql documentation, only the connection parameters should go in the conninfo string(that's why in our example, --username is not inside that string)
psql -h <host> -p <port> -U <user> -d <db>
and update /var/lib/pgsql/10/data/pg_hba.conf to change the auth method to cert. Check the following link for more information:
https://www.postgresql.org/docs/9.1/auth-pg-hba-conf.html
Another pattern that worked with v8 is
psql -h host_name -p port -U user_name "dbname=db sslmode=require"