current community

your communities

more stack exchange communities

company blog
Stack Exchange Inbox Reputation and Badges
tour help
Join the Stack Overflow Community
Stack Overflow is a community of 4.7 million programmers, just like you, helping each other.
Join them; it only takes a minute:
Sign up
up vote 270 down vote favorite
85

Im getting

FATAL: Peer authentication failed for user "postgres"

when I try to make postgres work with Rails.

Here's my pg_hba.conf: http://pastebin.com/4V1sMS01 and my database.yml: http://pastebin.com/mS0G6Srp

And a dump of the full trace: http://pastebin.com/bXg1Pkr5

I changed authentication to md5 in pg_hba and tried different things, but none seem to work.

I also tried creating a new user and database as per Rails 3.2, FATAL: Peer authentication failed for user (PG::Error)

But they don't show up on pgadmin or even when I run sudo -u postgres psql -l

Any idea where I'm going wrong?

share|improve this question
1  
1): Make sure you have a user named "postgres" created and having right on your Database 2): Make sure he has a password 3): Make sure your config/database.yml contains the rights credentials (username + password) – MrYoshiji Sep 6 '13 at 18:19
1  
need everyplace peer and indent set to md5 – Artem.Borysov Jul 28 '15 at 8:55
3  
See also this answer - connection may fail on localhost but succeed on 127.0.0.1. – uvsmtid Aug 26 '15 at 7:13
1  
In my case I needed to add host: localhost in the database.yml file. – Mihail Velikov Mar 16 at 6:50

12 Answers 12

up vote 400 down vote accepted

The problem is still your pg_hba.conf file (/etc/postgresql/9.1/main/pg_hba.conf). This line:

local   all             postgres                                peer

Should be

local   all             postgres                                md5

These are brief descriptions of both options according to the official PostgreSQL docs on authentication methods.

Peer authentication

The peer authentication method works by obtaining the client's operating system user name from the kernel and using it as the allowed database user name (with optional user name mapping). This method is only supported on local connections.

Password authentication

The password-based authentication methods are md5 and password. These methods operate similarly except for the way that the password is sent across the connection, namely MD5-hashed and clear-text respectively.

If you are at all concerned about password "sniffing" attacks then md5 is preferred. Plain password should always be avoided if possible. However, md5 cannot be used with the db_user_namespace feature. If the connection is protected by SSL encryption then password can be used safely (though SSL certificate authentication might be a better choice if one is depending on using SSL).

After altering this file, don't forget to restart your PostgreSQL server. If you're on Linux, that would be sudo service postgresql restart.

share|improve this answer
18  
You'll need to reload your postgresql service after changing this /etc/init.d/postgresql reload – funkotron Oct 28 '13 at 13:50
52  
putting this here since I always forget where this file is /etc/postgresql/9.1/main/pg_hba.conf – Doug Jan 30 '14 at 21:08
6  
@funkotron At least on my ElementaryOS (Ubuntu) installation, sudo service postgreql restart also works. – Marnen Laibow-Koser Mar 21 '14 at 17:47
7  
To answer my own question: 'peer' authentication means that postgres asks the operating system for your login name and uses this for authentication, so the user on the OS and on postgres must be the same. 'md5' uses encrypted password authentication. – Dennis Mar 28 '14 at 15:17
3  
I understand the change. But why isn't this the default behaviour? Is there any drawback using md5? – Victor Marconi Jun 13 '15 at 19:31
up vote 124 down vote

After installing Postgresql I did the below steps.

  1. open the file pg_hba.conf for Ubuntu it will be in /etc/postgresql/9.x/main and change this line:
local   all             postgres                                peer

to

local   all             postgres                                trust
  1. Restart the server
sudo service postgresql restart
  1. Login into psql and set your password

psql -U postgres

ALTER USER postgres with password 'your-pass';
  1. Finally change the pg_hba.conf from
local   all             postgres                                trust

to

local   all             postgres                                md5

After restarting the postgresql server, you can access it with your own password

Authentication methods details:

trust - anyone who can connect to the server is authorized to access the database

peer - use client's operating system user name as database user name to access it.

md5 - password-base authentication

for further reference check here

share|improve this answer
5  
changing the method to "trust" worked for me. +1 for explanation of authentication method details. – La-comadreja Nov 18 '14 at 22:46
1  
On OS X homebrew the default is trust, while on Ubuntu somehow the default is set to "peer", which led to discrepancies between my setup and that of my colleague. We changed his to MD5 which didn't help, so "trust" is the real answer here(We're only doing development testing). Should get more upvotes. – JI Xiang Nov 22 '14 at 14:42
    
you also can set md5 everyplace from the very beginning – Artem.Borysov Jul 28 '15 at 8:50
    
This way is working for me, using method md5 first was not. – Josh Gandosh Sep 16 at 22:39
up vote 50 down vote

If you connect over localhost (127.0.0.1) you shouldn't experience that particular issue. I wouldn't muck much with the pg_hba.conf but instead I would adjust your connection string:

psql -U someuser -h 127.0.0.1 database

where someuser is your user you're connecting as and database is the database your user has permission to connect to.

Here is what I do on Debian to setup postgres:

http://www.postgresql.org/download/linux/debian/  (Wheezy 7.x)

as root …

    root@www0:~# echo "deb http://apt.postgresql.org/pub/repos/apt/ wheezy-pgdg main" >> /etc/apt/sources.list

    root@www0:~# wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -

    root@www0:~# apt-get update

    root@www0:~# apt-get install postgresql-9.4        

    root@www0:~# su - postgres 

    postgres@www0:~$ createuser --interactive -P someuser
    Enter password for new role:
    Enter it again:
    Shall the new role be a superuser? (y/n) n
    Shall the new role be allowed to create databases? (y/n) y
    Shall the new role be allowed to create more new roles? (y/n) n

    postgres@www0:~$ createdb -O someuser database

    postgres@www0:~$ psql -U someuser -h 127.0.0.1 database

Enjoy!

share|improve this answer
4  
I think this is the best solution as it actually solves the local problem without messing without messing with global configuration as the other answers recommend. – jeteon Jan 31 at 4:47
    
I really wish this answer was higher up on the list. It's probably the answer most people are looking for. – momo May 5 at 17:58
up vote 7 down vote

I had the same problem.

The solution from depa is absolutely correct.

Just make sure that u have a user configured to use PostgreSQL.

Check the file:

$ ls /etc/postgresql/9.1/main/pg_hba.conf -l

The permission of this file should be given to the user you have registered your psql with.

Further. If you are good till now..

Update as per @depa's instructions.

i.e.

$ sudo nano /etc/postgresql/9.1/main/pg_hba.conf

and then make changes.

share|improve this answer
up vote 7 down vote
  1. Go to this /etc/postgresql/9.x/main/ and open pg_hba.conf file

In my case:

$>  sudo nano /etc/postgresql/9.3/main/pg_hba.conf
  1. Replace peer with md5

So this will be changed to:

Database administrative login by Unix domain socket local all postgres peer

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     peer
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5

This:

Database administrative login by Unix domain socket local all postgres md5

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     md5
# IPv4 local connections:
host    all             all             127.0.0.1/32            md5

  1. Then restart pg server:

    $> sudo service postgresql restart

Below is list of METHODS used to connect with postgres:

# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
# "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert".  Note that
# "password" sends passwords in clear text; "md5" is preferred since
# it sends encrypted passwords.

Note: If you have not create you postgres user yet. Create that and now you can access postgres server using that user credentials.

share|improve this answer
up vote 4 down vote

If you have problem, you need to locate your pg_hba.conf

find / -name 'pg_hba.conf' 2>/dev/null

And change configuration like image:

Postgresql 9.3

enter image description here

Postgresql 9.4

enter image description here

After that you should to restart service postgresql

Example for postgresql 9.3

service postgresql-9.3 restart

If you have any problems, you need to set password again:

ALTER USER db_user with password 'db_password';

share|improve this answer
up vote 1 down vote

the below command works for me:

psql -d myDb -U username -W
share|improve this answer
1  
Care to elaborat what this command does exactly? – Maerlyn Mar 16 '15 at 10:46
    
man psql -W --password Force psql to prompt for a password before connecting to a database. This option is never essential, since psql will automatically prompt for a password if the server demands password authentication. However, psql will waste a connection attempt finding out that the server wants a password. In some cases it is worth typing -W to avoid the extra connection attempt. – Yaroslav Nikitenko Dec 7 '15 at 18:04
up vote 1 down vote

I was moving data directory on a cloned server having troubles to login as postgres and to reset postgres password just this worked for me

root# su postgres

postgres$ psql -U postgres

psql (9.3.6)

Type "help" for help.

postgres=#\password

Enter new password:

Enter it again:

postgres=#

share|improve this answer
up vote 1 down vote

The edits above worked for me, after I figured out that I needed to restart the postgres server after making them. For ubuntu:

sudo /etc/init.d/postgresql restart
share|improve this answer
up vote 0 down vote

You need just set METHOD to trust.

#TYPE  DATABASE        USER            ADDRESS                 METHOD
local    all             all                                     trust

And reload postgres server. 

# service postgresql-9.5 reload

Changes in pg_hba.conf dont require RESTART postgres server. just RELOAD.

share|improve this answer
up vote 0 down vote

Use "host=localhost" in connection.

PGconn *conn = PQconnectdb("host=localhost user=postgres dbname=postgres password=123");

share|improve this answer
up vote 0 down vote

If you want to keep the default config but want md5 authentication with socket connection for one specific user/db connection, add a "local" line BEFORE the "local all/all" line:

# TYPE  DATABASE     USER         ADDRESS             METHOD

# "local" is for Unix domain socket connections only
local   username     dbname                           md5  # <-- this line
local   all          all                              peer
# IPv4 local connections:
host    all          all          127.0.0.1/32        ident
# IPv6 local connections:
host    all          all          ::1/128             ident
share|improve this answer

Your Answer

 
discard

By posting your answer, you agree to the privacy policy and terms of service.

Not the answer you're looking for? Browse other questions tagged or ask your own question.