Ruby-on-rails – Getting error: Peer authentication failed for user “postgres”, when trying to get pgsql working with rails

postgresqlruby-on-rails

I'm getting the error:

FATAL: Peer authentication failed for user "postgres"

when I try to make postgres work with Rails.

Here's my pg_hba.conf, my database.yml, and a dump of the full trace.

I changed authentication to md5 in pg_hba and tried different things, but none seem to work.

I also tried creating a new user and database as per Rails 3.2, FATAL: Peer authentication failed for user (PG::Error)

But they don't show up on pgadmin or even when I run sudo -u postgres psql -l.

Any idea where I'm going wrong?

Best Answer

The problem is still your pg_hba.conf file*.

This line:

local   all             postgres                                peer

Should be:

local   all             postgres                                md5

* The location of this file isn't very consistent. The command locate pg_hba.conf should help; here's some examples: /etc/postgresql/*/main/pg_hba.conf and /var/lib/pgsql/data/pg_hba.conf.

After altering this file, don't forget to restart your PostgreSQL server. If you're on Linux, that would be sudo service postgresql restart.

These are brief descriptions of both options according to the official PostgreSQL docs on authentication methods.

Peer authentication

The peer authentication method works by obtaining the client's operating system user name from the kernel and using it as the allowed database user name (with optional user name mapping). This method is only supported on local connections.

Password authentication

The password-based authentication methods are md5 and password. These methods operate similarly except for the way that the password is sent across the connection, namely MD5-hashed and clear-text respectively.

If you are at all concerned about password "sniffing" attacks then md5 is preferred. Plain password should always be avoided if possible. However, md5 cannot be used with the db_user_namespace feature. If the connection is protected by SSL encryption then password can be used safely (though SSL certificate authentication might be a better choice if one is depending on using SSL).

Sample location for pg_hba.conf:
/etc/postgresql/9.1/main/pg_hba.conf

Related Solutions

Postgresql – psql: FATAL: Ident authentication failed for user “postgres”

The following steps work for a fresh install of postgres 9.1 on Ubuntu 12.04. (Worked for postgres 9.3.9 on Ubuntu 14.04 too.)

By default, postgres creates a user named 'postgres'. We log in as her, and give her a password.

$ sudo -u postgres psql
\password
Enter password: ...
...

Logout of psql by typing \q or ctrl+d. Then we connect as 'postgres'. The -h localhost part is important: it tells the psql client that we wish to connect using a TCP connection (which is configured to use password authentication), and not by a PEER connection (which does not care about the password).

$ psql -U postgres -h localhost

Postgresql – ‘password authentication failed for user “postgres”‘

If I remember correctly the user postgres has no DB password set on Ubuntu by default. That means, that you can login to that account only by using the postgres OS user account.

Assuming, that you have root access on the box you can do:

sudo -u postgres psql

If that fails with a database "postgres" does not exists error, then you are most likely not on a Ubuntu or Debian server :-) In this case simply add template1 to the command:

sudo -u postgres psql template1

If any of those commands fail with an error psql: FATAL: password authentication failed for user "postgres" then check the file /etc/postgresql/8.4/main/pg_hba.conf: There must be a line like this as the first non-comment line:

local   all         postgres                          ident

For newer versions of PostgreSQL ident actually might be peer. That's OK also.

Inside the psql shell you can give the DB user postgres a password:

ALTER USER postgres PASSWORD 'newPassword';

You can leave the psql shell by typing CtrlD or with the command \q.

Now you should be able to give pgAdmin a valid password for the DB superuser and it will be happy too. :-)