我已经在我的Ubuntu karma box上安装了PostgreSQL和pgAdminIII。
我能够成功地使用pgAdminIII(即连接/登录),但是当我尝试在命令行(使用psql)上使用相同的用户名/pwd登录到服务器时,我得到错误:
psql: FATAL: Ident authentication failed for user "postgres"
现在有人知道如何解决这个问题吗?
当前回答
对于Windows,如果您不想编辑pb_gba.conf,即保留MD5方法(默认),请在PGadmin的查询工具中运行此查询,创建一个新用户
CREATE USER admin WITH PASSWORD 'secret'
然后在CMD中
psql "dbname=Main_db host=127.0.0.1 user=admin password=secret port=5432
哪里dbname是你的db在postgresql
其他回答
我在Mac OSX的PostgreSQL 9.3上的解决方案是在bash shell中使用sudo进入数据文件夹,然后将必要的行追加到pg_hba.conf文件,以允许所有用户都是可信的,并能够登录。这就是我所做的:
# in bash_profile edit PGDATA environmental variable
open ~/.bash_profile
# append this line to bash_profile
export PGDATA="/Library/PostgreSQL/9.3/data"
# reload bash_profile
source ~/.bash_profile
# open pg_hba.conf in vim
sudo vi /Library/PostgreSQL/9.3/data/pg_hba.conf
# append these two lines to the end of the pg_hba.conf file
local all all trust
host all all 127.0.0.1/32 trust
# can now login as user in bash
psql -d <db_name> -U <user_name> -W
如果你在CentOS上使用它,你可能需要在做出上述解决方案后重新加载postgres:
systemctl restart postgresql-9.3.service
我花了更多的时间来解决这个我愿意承认的错误。
我认为pg_hba.conf中的身份验证配置顺序与您的情况相关。默认配置文件在普通安装中包含几行。这些默认值可以匹配身份验证尝试的条件,从而导致身份验证失败。不管在.conf文件末尾添加了什么额外的配置,它都会失败。
要检查使用的是哪一行配置,请确保查看消息的默认日志文件。你可能会看到这样的东西
LOG: could not connect to Ident server at address "127.0.0.1", port 113: Connection refused
FATAL: Ident authentication failed for user "acme"
DETAIL: Connection matched pg_hba.conf line 82: "host all all 127.0.0.1/32 ident"
结果是这条默认行导致了拒绝。
host all all 127.0.0.1/32 ident
试着把它注释掉。
您得到这个错误是因为您没有通过客户端身份验证。根据错误消息,您可能有默认的postgres配置,它将所有PostgreSQL连接的客户端身份验证方法设置为“IDENT”。
你一定要阅读PostgreSQL手册中的19.1节客户端身份验证,以更好地理解可用的身份验证设置(对于pg_hba.conf中的每条记录),但下面是相关的代码片段,以帮助解决你遇到的问题(来自版本9.5手册):
trust Allow the connection unconditionally. This method allows anyone that can connect to the PostgreSQL database server to login as any PostgreSQL user they wish, without the need for a password or any other authentication. See Section 19.3.1 for details. reject Reject the connection unconditionally. This is useful for "filtering out" certain hosts from a group, for example a reject line could block a specific host from connecting, while a later line allows the remaining hosts in a specific network to connect. md5 Require the client to supply a double-MD5-hashed password for authentication. See Section 19.3.2 for details. password Require the client to supply an unencrypted password for authentication. Since the password is sent in clear text over the network, this should not be used on untrusted networks. See Section 19.3.2 for details. gss Use GSSAPI to authenticate the user. This is only available for TCP/IP connections. See Section 19.3.3 for details. sspi Use SSPI to authenticate the user. This is only available on Windows. See Section 19.3.4 for details. ident Obtain the operating system user name of the client by contacting the ident server on the client and check if it matches the requested database user name. Ident authentication can only be used on TCP/IP connections. When specified for local connections, peer authentication will be used instead. See Section 19.3.5 for details. peer Obtain the client's operating system user name from the operating system and check if it matches the requested database user name. This is only available for local connections. See Section 19.3.6 for details. ldap Authenticate using an LDAP server. See Section 19.3.7 for details. radius Authenticate using a RADIUS server. See Section 19.3.8 for details. cert Authenticate using SSL client certificates. See Section 19.3.9 for details. pam Authenticate using the Pluggable Authentication Modules (PAM) service provided by the operating system. See Section 19.3.10 for details.
所以…要解决您正在经历的问题,您可以执行以下操作之一:
Change the authentication method(s) defined in your pg_hba.conf file to trust, md5, or password (depending on your security and simplicity needs) for the local connection records you have defined in there. Update pg_ident.conf to map your operating system users to PostgreSQL users and grant them the corresponding access privileges, depending on your needs. Leave the IDENT settings alone and create users in your database for each operating system user that you want to grant access to. If a user is already authenticated by the OS and logged in, PostgreSQL won't require further authentication and will grant access to that user based on whatever privileges (roles) are assigned to it in the database. This is the default configuration.
注意:pg_hba.conf和pg_identity .conf的位置取决于操作系统。
这招对我很管用: http://tecadmin.net/fatal-ident-authentication-failed-for-user-postgres/#
local all postgres trust
local all myapp_usr trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
#host all all ::1/128 trust
推荐文章
- 对于PostgreSQL表来说,多大才算太大?
- 将一列的多个结果行连接为一列,按另一列分组
- 使用pgadmin连接到heroku数据库
- 在PostgreSQL中快速发现表的行数
- 更改varchar列的大小为较低的长度
- 如何首次配置postgresql ?
- 数据库性能调优有哪些资源?
- 如何在PostgreSQL中自动更新时间戳
- 当使用JDBC连接到postgres时,是否可以指定模式?
- SQL:从时间戳日期减去1天
- PostgreSQL删除所有内容
- 为什么PostgreSQL要对索引列进行顺序扫描?
- PostgreSQL INSERT ON冲突更新(upsert)使用所有排除的值
- 如何检查一个表是否存在于给定的模式中
- 如何将整数转换为字符串作为PostgreSQL查询的一部分?
