I have a postgresql 8.3 db set up on linux box, together with a user postgres
The pg_hba.conf reads
local all postgres ident sameuser
local all all md5
so no trusted connections from local machine.
Yet when connecting via commandline with psql, no password is asked and all users get all access to all databases.
I'm completely lost here..
Are you sure you did restart or reload of PostgreSQL after pg_hba.conf change?
If yes, type this command from postgres system account (shell):
psql -qAt -c "show hba_file" | xargs grep -v -E '^[[:space:]]*#'
If this will not help - show us output of the command.
You have to change both lines for IPv4 and IPv6 in pg_hba.conf
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
Server restart is needed.
Try
host all all 127.0.0.1/32 md5
instead.
Related
I am having an issue where I forgot the password to the postgres shell when trying to login as postgres. I looked online and found several different things to do, but none of it worked. I have messed with the pg_hba.conf file but even with that change, it is not working. Here is what my pg_hba.conf file looks like.
# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
# "host" records. In that case you will also need to make PostgreSQL
# listen on a non-local interface via the listen_addresses
# configuration parameter, or via the -i or -h command line switches.
# CAUTION: Configuring the system for local "trust" authentication
# allows any local user to connect as any PostgreSQL user, including
# the database superuser. If you do not trust all your local users,
# use another authentication method.
# TYPE DATABASE USER ADDRESS METHOD
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
# Allow replication connections from localhost, by a user with the
# replication privilege.
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
and then i ran the follwoing command:
brew services restart postgres
and I keep getting the following error:
omars-MacBook-Pro:postgres omarjandali$ psql -U postgres Password for user postgres: psql: error: could not connect to server: FATAL: password authentication failed for user "postgres"
Anyone know how to fix this issue.
It looks like your command psql -U postgres is attempting to make a socket connection, however you've only got trust authentication set up for TCP/IP connections on localhost.
Try psql -h localhost -U postgres.
Alternatively, add a line to pg_hba.conf setting up trust authentication for socket connections:
host all all trust
and restart PostgreSQL (though you don't actually need to restart it, pg_ctl -D /path/to/data-directory reload should work if you know the actual data directory path).
Recently I'm using PostgreSQL9.2 both in Windows 10 and Redhat (Linux).
But now I'm little concern about PostgreSQL access authentication.
Late me explain...
When i first installed PostgreSQL in my system i used two different password for two log in role postgres (default) and adempiere (created). In Redhat i use to psql -h localhost -U postgres db_name and psql -h localhost -U adempiere db_name command. Sometime this command wants password sometime not.
Recently I have used ALTER USER postgres WITH PASSWORD 'new_password'; and ALTER USER adempiere WITH PASSWORD 'new_password'; command to change. But here is an another problem. After changed my password when i get database access with psql -h localhost -U adempiere db_name command, i can access with both old_passwod and new_password.
Now what can i do for Strong authentication in my Database both Windows 10 and Redhat (linux) ?
Here is part of my pg_hba.conf for reference:
# Put your actual configuration here
# ----------------------------------
#
# If you want to allow non-local connections, you need to add more
# "host" records. In that case you will also need to make PostgreSQL
# listen on a non-local interface via the listen_addresses
# configuration parameter, or via the -i or -h command line switches.
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 trust
host all all 192.168.2.151/32 trust
host all all 192.168.2.5/32 trust
host all all 192.168.2.6/32 trust
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres md5
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
To force password authentication for every connection, replace trust with md5 everywhere in pg_hba.conf and reload the server.
It is dangerously negligent to use PostgreSQL 9.2. Use a later version. For one, this will offer the more secure scram-sha-256 hashing method for password authentication.
After attempt of all bases and uses deleting, I try to set postgresql again.
For this purpose I try to change the superuser password.
I enter in console
MacBook-Pro-Andrej:~ andrej$ sudo su - postgres
And system requests password.
But what the password may be, when I changed pb_hba.cfg as follows
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
local replication all trust
host replication all 127.0.0.1/32 trust
host replication all ::1/128 trust
in Log
FATAL: database "andrej" does not exist
But what is database "andrej", when I deleted all bases?
I try to delete this base ones more:
sudo -u postgres dropdb andrej
But system requests password...
You start your command with sudo so you are prompted for your OS password. Try to provide that password and the command should execute without any problem.
I have a AWS server which I can access using SSH with a .pem key.
Using valentina, i tried to access the postgres this way
I keep getting a failed Ident message.
I used that same .pem file and ssh into the server.
Used the same postgres user and password to access using psql client.
It works.
What do I need to do to make the Valentina Studio work as well?
UPDATE:
I have changed my pg_hba.conf to the following:
host all all * ident
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 ident
# IPv6 local connections:
host all all ::1/128 ident
I can run psql -U postgres on the postgres server.
I cannot run psql -h localhost -U postgres on the the postgres server.
UPDATE 2:
# "local" is for Unix domain socket connections only
local all postgres peer
local all all peer
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
This solves the issue
I keep getting a failed Ident message.
This suggests that you can in fact ssh in fine.
At a guess, your manual tests are along the lines of:
psql mydb
which will generally use a unix socket, which appears as local entries in pg_hba.conf.
By contrast your application will be connecting over TCP/IP, probably to a socket forwarded over ssh to localhost. This authenticates with host entries in pg_hba.conf.
So I think you're testing a different thing when logging in directly.
Try manually:
psql -h localhost mydb
i.e. force a TCP/IP connection to be used. You'll get the same error, and it's because of your setup in pg_hba.conf choosing ident as the auth method for host connections from localhost, and presumably there's no identd running or other mechanism to allow proper ident. You probably want to use md5 auth.
I have setup a Ubuntu VPS as per the railcast episode #335. I've worked through a few issues but can't get past the error above when starting Unicorn. I have been testing with this command to connect to the db since.
psql -U postgres -W
I have edited /etc/postgresql/8.4/main/pg_hba.conf as follows
# Database administrative login by Unix domain socket
local all postgres trust
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
It doesn't seem to matter what METHOD I use (trust, md5, password) the error is the same.
Any ideas would be appreciated.
Try using psql -U postgres -h localhost
As Per my setting plz use below setting can help this setting dear...
host all all 0.0.0.0/0 md5
host all all 127.0.0.1/32 md5
host all all ::1/128 md5
You usually connect as the postgres user with sudo -u postgres psql. Note that sudo prompts for the current users password (unless you are root), not a user from the database.