IDENT Authentication Failed For Postgres. Pg_hba.conf
Feb 15, 2007
I just reloaded the OS on our production server and I'm having issues configuring postgres.
the user postgres exists in the system (i.e. 'su postgres' switches me to that user)
i attempted to connect to my database 'service_2_3' via CLI:
Code:
$ su postgres
$ psql service_2_3
and i recieved the following error:
Code:
psql: FATAL: IDENT authentication failed for user "postgres@service_2_3"
the database is installed on the machine on which i was attempting to connect to it with.
therefore, i edited my pg_hba.conf so that it looks like this:
Code:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all ident sameuser
# IPv4 local connections:
host all all 127.0.0.1/32 ident sameuser
# IPv6 local connections:
host all all ::1/128 ident sameuser
host all all 0.0.0.0 0.0.0.0 password
I installed postgres and i seem to have a problem connecting to it both locally and remotely.
this is the error i get:
Code: Warning: pg_connect() [function.pg-connect]: Unable to connect to PostgreSQL server: FATAL: missing or erroneous pg_hba.conf file HINT: See server log for details. in /var/www/html/2.3/includes/configuration.php on line 25 these are the contents of my pg_hba.conf file
Code: # TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections only #local all all ident sameuser local all all trust all
#@remove-line-for-nolocal@local all all @authmethod@ #host all all 10.0.0.1 255.255.255.0 trust
host all all all trust all
# IPv4 local connections: #host all all 127.0.0.1/32 ident sameuser host all all 127.0.0.1/32 trust all # IPv6 local connections: host all all ::1/128 ident sameuser
i'd imagine "host all all all trust all" would allow anyone to access it, wouldn't it?
Lately I've been spending a lot of time grok'ing the Postfix logfile (i.e., /usr/local/psa/var/log/maillog) and I've been noticing a lot of authentication failures (and even one successful break-in).
Most entries are just a simple pair of log entries that includes the source IP address and then the details of the mailbox name, like this one:
Code: Aug 12 08:08:18 www postfix/smtpd[4805]: warning: unknown[162.255.86.250]: SASL LOGIN authentication failed: authentication failure Aug 12 08:08:20 www plesk_saslauthd[4434]: failed mail authenticatication attempt for user 'media@example.com' (password len=6)
[Code]....
How are these entries generated? i.e., Why mailbox name given right away some times (like the first example) while - other times - the account name isn't displayed for several seconds - almost ninety seconds in the second example?
I have a VPS with plesk 12 I created an email account with one of my domains and when I try to send emails from this account through webmal of roundcube, I get the following error.: An error has occurred! SMTP Error (250): Authentication failed.
I initially had trouble where everytime i tried to load webmail.domain.tld i would have a DNS error, I've resolved this by correcting the DNS settings on my domain and now i can login to the webmail and recieve emails. Now, whether i use Horde or Roundcube i get this authentication error for my SMTP. I'm very new to this stuff and i'm not sure where my log files are or what the issue could be or even how to fix it.
Two days ago we have upgrade a Plesk Panel 11.5 to 12.0.18. It have been working properly until today. Lots of mailboxes doesn't work with the error
Jun 24 13:30:12 hosting2 plesk_saslauthd[19704]: No such user 'mailbox@domain.tld' in mail authorization database Jun 24 13:30:12 hosting2 plesk_saslauthd[19704]: failed mail authenticatication attempt for user 'mailbox@domain.tld' (password len=10)
The /usr/local/psa/admin/bin/mail_auth_view show only a few mailboxes. The /usr/local/psa/admin/sbin/mchk --with-spam does´t fix the problem.
If we change the password of one of the crashed mailbox, it works until the /usr/local/psa/admin/sbin/mchk command is executed.
If we try to clear a new mailbox in one of the domains that doesn't work, we adquire the error "mailmng-outgoing failed"...
I'm an IT administrator for a school and due to high amounts of spam and a shrinking budget, I've built a mail server with Slackware 11 as the OS and running Sendmail 8.14.2.
The email was working great for about a week when suddenly emails from the sever were being bounced. When I look at the bounced emails I notice this.
The original message was received at Mon, 21 Jul 2008 16:59:54 -0600 from IDENT:2@localhost [127.0.0.1]
What I'm guessing is that when a server receives our emails they see the 2@localhost [127.0.0.1], thinks it's spam and bounces it back to us.
I believe that I need to tweak the sendmail.cf file but I'm not too sure what I need to tweak. Here are some of the things I've tried so far.
In the sendmail.cf file I added servername.domainname.com to Cw localhost
Used the Masquerade options with no luck.
In a different forum someone said to edit the /etc/hosts file from this:
Which didn't help. Since DNS is being handled by another server, it was suggested that I edit the /etc/nsswitch.conf file so that the dns option was removed from the hosts: line. That didn't work either.
Right now I'm fairly confident that it's something I have to change in the .cf file but as I said earlier I'm not too sure what.
options { default-key "rndc-key"; default-server 127.0.0.1; default-port 953; }; # End of rndc.conf
# Use with the following in named.conf, adjusting the allow list as needed: #key "rndc-key" { # algorithm hmac-md5; # secret "KLGSBmWZrev0I4fR4Tm4GXxdcYSTFzF23b1f9is1M="; #}; # # controls { # inet 127.0.0.1 port 953 # allow { 127.0.0.1; } keys { "rndc-key"; }; # }; # End of named.conf Then i took a look at named.conf
Code: options { /* make named use port 53 for the source of all queries, to allow * firewalls to block all ports except 53: */
//query-source port 53;
/* We no longer enable this by default as the dns posion exploit has forced many providers to open up their firewalls a bit */
// Put files that named is allowed to write in the data/ directory: directory "/var/named"; // the default pid-file "/var/run/named/named.pid"; dump-file "data/cache_dump.db"; statistics-file "data/named_stats.txt"; /* memstatistics-file "data/named_mem_stats.txt"; */ };
logging { /* If you want to enable debugging, eg. using the 'rndc trace' command, * named will try to write the 'named.run' file in the $directory (/var/named"). * By default, SELinux policy does not allow named to modify the /var/named" directory, * so put the default debug log file in data/ : */ channel default_debug { file "data/named.run"; severity dynamic; }; };
// All BIND 9 zones are in a "view", which allow different zones to be served // to different types of client addresses, and for options to be set for groups // of zones. // // By default, if named.conf contains no "view" clauses, all zones are in the // "default" view, which matches all clients. // // If named.conf contains any "view" clause, then all zones MUST be in a view; // so it is recommended to start off using views to avoid having to restructure // your configuration files in the future.
view "localhost_resolver" { /* This view sets up named to be a localhost resolver ( caching only nameserver ). * If all you want is a caching-only nameserver, then you need only define this view: */ match-clients { 127.0.0.0/24; }; match-destinations { localhost; }; recursion yes;
zone "." IN { type hint; file "/var/named/named.ca"; };
/* these are zones that contain definitions for all the localhost * names and addresses, as recommended in RFC1912 - these names should * ONLY be served to localhost clients: */ include "/var/named/named.rfc1912.zones"; };
I have a server running Cpanel and I have added postgres through /scripts/installpostgres, also I have set it over WHM and can access phppgadmin but I got this error when connecting throug a script
Fatal error: Call to undefined function: pg_connect() in /home/rer1223/public_html/process/Connection.php on line 4
I checked and postgres is not listed in phpinfo output.
The issue is that I have with me a 1.5GB SQL dump from Postgres 8 which I extracted using pg_dump.
Restoring it seems to be an issue on this PC. I've tried modifying memory directives in postgresql.conf as well as the kernels SHMAX value but no go.
I tried a bunch of other things such as gzipping the file so that it was only 100mb and doing:
Code: gunzip -c dump.sql.gz | psql my_db But I recieved many errors saying "invalid command N" and I also got a syntax error notice and the process terminated.
I tried to at least try and enter some data manually but vim is incredibly slow since this is a 1.5GB file.
Is there a way I could perhaps split up my db dump and then import them into the db one by one?
i had to do a file system back up because of the size of my database.
i shutdown postmaster and tar'd the files.
i recently reloaded my OS and now i'm attempting to restore the backups. i first shut down postmaster, restored the backups to the data folder and restarted postmaster.
i then su'd from root to postgres user:
Code: [postgres@austin1 pgsql]$ psql service_2_3 psql: FATAL: database "service_2_3" does not exist DETAIL: The database subdirectory "base/16385" is missing.
the backups had a database named service_2_3 but upon restoring the backups, it doesn't seem to be available.
my data directory is /var/pgsql/data.
Code: [postgres@austin1 pgsql]$ ls -lahR /var/pgsql/ | grep 16385 but that yielded nothing.
have i done something wrong while backing up? i don't think i have since i followed the postgres manual when backing up. but the administrators have not been very thorough with how they've set the system up for me.
how i can resolve this issue if you have the time.
I'm running a server where I have my SSH key set up with the root user so I can log in without the password.
I also have an account called "jmaskell" that I use for everything, and I'm trying to add my SSH key to this. I've done exactly what I did for the root user and have my key in the .ssh/authorized_keys2 file. Unfortunately I'm still prompted for my password everytime I log in.
Is it possible to have the same SSH key stored for two different users?
We've been having some trouble logging into our Intranet here at work. Essentially it is set up to use Integrated Windows authentication but for some reason that was disabled last week and so no-one could log in. That was easy enough to fix and everything seemed to be back to normal.
However, I installed ModX CMS into a subfolder but when it comes to logging in to the admin backend I am repeatedly asked for my Windows ID and ultimately told I am not authorised to view the page. I can see the login page and I can enter the ModX admin details but it won't let me further than that.
The strange thing is a colleague with the same (admin) rights can log in no problem!
I am using WinXP Pro and IIS 5.1. When I try to access an asp file using IE 7 using a URL like [url], it always brings up the login dialog, and nothing I enter in it works. So, automatic authentication is failing. I verified that the Directory Security settings are correct.
I have a machine at home running the UniformServer wamp package on Win2K3 Standard server and I'm hosting a simple family picture gallery using Gallery 2.3. I put the gallery in a subdirectory of root so I could have a public homepage and a gallery that is password protected. I did this using .htaccess and .htpasswd.
My issue is when I browse to mydomain.com and click the link to the gallery [url], the password box pops up, and when I enter the appropriate credentials, the domain name reverts to the IP and another password box pops up. If I log in a second time, I'm fine. If I cancel that second login, it still lets me in, but prompts me to login that second time for every click going forward until I authenticate.
way to centrally login our FTP clients. We currently run ftp1/2/3/4.[url]and would like to have simply [url]which would authenticate the user and push the user to the relevant server.
This would hopefully work in the same way as a Radius Proxy.
I have problem to set Email authentication in Cpanel. when I send Email via Microsoft outlook, it is possible to send mail without SMTP authentication.
I have nginx conf which works perfectly fine with ip adress,but when i put domain then php for some reason no longer works,i getting download php file situation.
Here is main conf file:
####################################################################### # # This is the main Nginx configuration file. # # More information about the configuration options is available on # * the English wiki - http://wiki.codemongers.com/Main # * the Russian documentation - http://sysoev.ru/nginx/ # #######################################################################
#---------------------------------------------------------------------- # Main Module - directives that cover basic functionality # # http://wiki.codemongers.com/NginxMainModule # #----------------------------------------------------------------------
I'm about to set my own permalink rules in Wordpress.
My VPS is running LxAdmin on CentOS and I have lighttpd installed. I've read I need to edit lighttpd.conf but I don't know which application I should use. The file is located in /etc/lighttpd/ but have no idea how to gain access.
I have a new VPS server in which I did not configure the /etc/resolv.conf file. My VPS has three domains that are all working and resolving fine. But I keep getting an email from my provider that says this:
The hostname (v6.volumedr.com) resolves to. It should resolve to xx.xx.xx.xx. Please be sure to correct /etc/hosts as well as the 'A' entry in zone file for the domain.
Some are all of these problems can be caused by /etc/resolv.conf being setup incorrectly. Please check this file if youbelieve everything else is correct.
You may be able to automaticly correct this problem by using the Add an A entry for your hostname ' under ' Dns Functions ' in your Web Host Manager.
Why does the actual server hostname need to resolve via dns?
I have confirmed that /etc/hosts looks good and I added an A record in my WHM for each domain. Do I need to configure the /etc/resolv.conf file too? Do I need to list my three domains and my server hostname(v8) and then my two primary DNS servers?
