39 comment

1. I did the modifications, and get an error message (pg version 8.3):
   psql: FATAL: missing or erroneous pg_hba.conf file
   HINT: See server log for details.

2. Hi, its very urgent.
   I m continuously getting below error, while running JSP file in jakarta-tomcat.
   PSQLException: FATAL: Ident authentication failed for user “root”

   I am trying to connect to a database ‘bedrock’. I am able to login & see the DB by ‘psql -d bedrock -U root’ from cmd-prompt. But the same does not happen from JSP file. Why is it so?? Please help me, its been 5 days struggling like mads……….

3. Hey
   Tanks

4. Hi, I have the same problem. I’ve created a program in perl, which contains connector to database DBI, and driver DBD::Pg. But I have still the same answer Fatal: Ident Authetification failed for user postgres…
   this is the connector:
   my $dbh = DBI->connect(“DBI:Pg:dbname=test;host=localhost”, “postgres”, “”, {‘RaiseError’ => 1});

   please help…

5. Tank you!

6. Thank You! saved me once :-)

7. Thanks saved one life here!

8. @Vivek Gite
   Your description is causing an error:
   FATAL: missing or erroneous pg_hba.conf file
   this is coming from missing column:
   host all 127.0.0.1/32 trust
   Here is what the working line looks like
   host all all 127.0.0.1/32 trust

9. hmm… this is not working for me … any other ideas?

10. trust means to allow with no password. The command in the example will prompt for a password, but hitting enter will get you right in. You might want to use “password” instead of “trust.” See http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html.

    1. Felicia is exactly right, following this article is a potential security risk for your database. Use with caution!

11. Thanks, its worked for me. Saved my time.

12. worked like a charm thanks!

13. I found the file at /etc/postgresql/8.4/main/pg_hba.conf
    I had to comment out most of the lines:
    # local all all ident
    # host all all 127.0.0.1/32 md5
    # host all all ::1/128 md5
    and add:
    local all all trust
    host all all 127.0.0.1/32 trust
    at the bottom of pg_hba.conf

    save,
    sudo su – postgres
    service postgresql restart
    then I could do stuff (Rails 3 with RSpec)

14. I’m using postgresql version 8.4.5. I dont have /var/lib/pgsql/data/pg_hba.conf file. where is file located in this version?

    1. Hi Paul,

       If you had installed pgsql using *.bin file. it will be installed in /opt/Postgres/* by default. I think this file will be in /opt/P***/8.4/data/. Better you find this file uinsg “find ./ -name pg_hba.conf” in installed location.

       thanks Ramanathan

    2. If you are on Ubuntu it will be /etc/postgres/8.4/main/pg_dba.conf

15. i’ve solved this problem by adding the following line :

    local all user md5

    before:

    local all all ident sameuser

    in my pg_hba.conf. I think it’s more elegant and secure solution.

16. Make sure to put in password instead trusted, and check top line, it usually have separate line for default user. Check config twice!

17. Why restart the service and kick everyone out? Just reload the config file via:

    pg_ctl reload

18. This is what I had to do to fix mine, although I’m using Windows. When I attempted to use Cmd it would just give me the same error. Spent many hours attempting to fix that and finally I found that I had to create a user and database using a GUI on my server that had the same username and a password as it was asking for. Don’t know if that’ll help anyone, but that did the trick for me. =)
    P.S.
    My pg_hba are the defaults:
    Host all all 127.0.0.1/32 md5
    Host all all ::1/128 md5

    1. hey chris,I am currently in that situation..
       how do i find if i have got the gui installed along with postgresql8.2?

19. Thanks Rod McLaughlin, your script worked for me. Vivek, could you please fix your post? Your config is completely broken for PG 8.4 and above.

20. Thanks a ton !

21. Thanks for the pretty explained post!

22. Thanks you so much……….password authentication just bypass

23. What can I do, if I see this? (I couldn’t restart the server)

    CET LOG: local connections are not supported by this build
    CET CONTEXT: line 88 of configuration file “D:/pgdata/pg_hba.conf”
    CET FATAL: could not load pg_hba.conf

    In pg_hba.conf added:
    local all all all trust
    host all all 127.0.0.1/32 trust

24. This TRUST mechanism can be used on a per-database basis. For example,
    local somedatabase someuser trust

    On IPv6 enabled hosts, you also must set a TRUST method for localhost too.
    I did it using :
    # IPv6 local connections:
    host somedatabase someuser ::1/128 trust
    host all all ::1/128 ident

25. Great!! thanks :)

26. It has already been said, but again don’t set it to “trust”… that means you get in without a password. md5 and password auth are not much better, but surely don’t use trust.

    Dear author, please fix that. Thanks.

27. @unbekannt
    From the path of your pg_hba.conf file, which is apparently
    ‘D:\pgdata\pg_hba.conf’, you are running in some version of windows.
    the ‘local’ at the beginning of the pg_hba.conf lines refers to the type of connection.
    ‘local’ basically means ‘a unix socket’ — ( unix/linux: man 2 socket; man 7 unix )
    Since you are in windows, you have to connect via a TCP/IP socket.
    You already have the following line.

    host all all 127.0.0.1/32 trust

    You should just comment out the line that says

    local all all all trust

    because I dont believe that you can use Unix sockets in Postgres for Windows.
    Also, as said before, you should preferably change all the ‘trust’ keywords to ‘md5’ as stated earlier. You should try not to use ‘password’ because the passwords are sent in cleartext. I know the md5 algo is weak compared to sha-2, or sha-3, but ‘md5’ is still better than ‘password’. Also, a more complicated but more flexible setup would be to use LDAP or Kerberos/GSSAPI via the ‘ldap’ or ‘gss’ keywords respectively.
    as far as the ‘host’ at the beginning of the line, if you are connecting to your own machine (127.0.0.1, ::1, localhost), then host is fine, if you are connecting to a remote machine, you should consider setting up SSL certificates for your postgres server. Then you would change the ‘host’ to ‘hostssl’ like the following:

    #type      database      username        address                     auth_method
    hostssl        all                  all               192.168.100.100/24       md5
    

    you would change the ip address under ‘address’ to whatever address, or addresses, that your clients would connect from.
    Hope this helps anyone. :)

28. Follow up to my last comment:
    with psql you would need to use the ‘-h’ option to tell psql which host to connect to.
    if it is your own machine, the localhost, it would be as follows:
    psql -h localhost -U your_user_name -d database_name

29. I’m using postresql 9.2.4 on openSuse 13.1 Linux. I received authentication errors, as above. The postgresql.log reported:

    “could not connect to Ident server at address “::1″, port 113 connection refused…”

    See RFC 1413. The IPv6 local connections section of pg_hba.conf was edited as follows:
    “host all all ::1/128 trust”

    This allowed me to connect but is probably not the most secure. Hope this helps.

30. Thnxs a lot.. It Worked 4 me

31. Felt lot of head-ache untill i come to see this. Thanks a lot. I wish i had seen this 2days before. Thankyou once again.

32. If changes in the /etc/hba.conf file don’t work for you, you might try switching to root and changing:
    /var/lib/pgsql/9.3/data/pg_hba.conf

    This has worked for me.

    1. Thanks Bro you save my life yuhoooooo

33. Thanks a lot you save me

34. This article solved my problem.Thanks a lot.

    Have a question? Post it on our forum!