Q. I’ve installed Postgresql under Red Hat Enterprise Linux 5.x server. I’ve created username / password and database. But when I try to connect it via PHP or psql using following syntax:

psql -d myDb -U username -W

It gives me an error that read as follows:

psql: FATAL: Ident authentication failed for user “username”

How do I fix this error?

A. To fix this error open PostgreSQL client authentication configuration file /var/lib/pgsql/data/pg_hba.conf :
# vi /var/lib/pgsql/data/pg_hba.conf
This file controls:

  1. Which hosts are allowed to connect
  2. How clients are authenticated
  3. Which PostgreSQL user names they can use
  4. Which databases they can access

By default Postgresql uses IDENT-based authentication. All you have to do is allow username and password based authentication for your network or webserver. IDENT will never allow you to login via -U and -W options. Append following to allow login via localhost only:

local	all	all	trust
host	all	trust

Save and close the file. Restart Postgresql server:
# service postgresql restart
Now, you should able to login using following command:
$ psql -d myDb -U username -W

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 39 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
39 comments… add one
  • andrew toth Jan 22, 2009 @ 21:36

    I did the modifications, and get an error message (pg version 8.3):
    psql: FATAL: missing or erroneous pg_hba.conf file
    HINT: See server log for details.

  • himanshu Mar 1, 2009 @ 12:18

    Hi, its very urgent.
    I m continuously getting below error, while running JSP file in jakarta-tomcat.
    PSQLException: FATAL: Ident authentication failed for user “root”

    I am trying to connect to a database ‘bedrock’. I am able to login & see the DB by ‘psql -d bedrock -U root’ from cmd-prompt. But the same does not happen from JSP file. Why is it so?? Please help me, its been 5 days struggling like mads……….

  • Camitux Mar 4, 2009 @ 3:04


  • Wladek Apr 22, 2009 @ 19:50

    Hi, I have the same problem. I’ve created a program in perl, which contains connector to database DBI, and driver DBD::Pg. But I have still the same answer Fatal: Ident Authetification failed for user postgres…
    this is the connector:
    my $dbh = DBI->connect(“DBI:Pg:dbname=test;host=localhost”, “postgres”, “”, {‘RaiseError’ => 1});

    please help…

  • Anibal Leite Aug 31, 2009 @ 15:55

    Tank you!

  • Saeed Nov 16, 2009 @ 8:05

    Thank You! saved me once :-)

  • kangu Feb 5, 2010 @ 16:49

    Thanks saved one life here!

  • lamachine Apr 2, 2010 @ 22:09

    @Vivek Gite
    Your description is causing an error:
    FATAL: missing or erroneous pg_hba.conf file
    this is coming from missing column:
    host all trust
    Here is what the working line looks like
    host all all trust

  • aaxc Jun 8, 2010 @ 6:28

    hmm… this is not working for me … any other ideas?

  • felicia Jun 25, 2010 @ 19:36

    trust means to allow with no password. The command in the example will prompt for a password, but hitting enter will get you right in. You might want to use “password” instead of “trust.” See http://developer.postgresql.org/pgdocs/postgres/auth-pg-hba-conf.html.

    • ciotog Nov 11, 2011 @ 13:35

      Felicia is exactly right, following this article is a potential security risk for your database. Use with caution!

  • Anand Sep 15, 2010 @ 8:42

    Thanks, its worked for me. Saved my time.

  • Anthalamus Sep 17, 2010 @ 14:55

    worked like a charm thanks!

  • Rod McLaughlin Dec 22, 2010 @ 23:58

    I found the file at /etc/postgresql/8.4/main/pg_hba.conf
    I had to comment out most of the lines:
    # local all all ident
    # host all all md5
    # host all all ::1/128 md5
    and add:
    local all all trust
    host all all trust
    at the bottom of pg_hba.conf

    sudo su – postgres
    service postgresql restart
    then I could do stuff (Rails 3 with RSpec)

  • paul Jan 1, 2011 @ 11:58

    I’m using postgresql version 8.4.5. I dont have /var/lib/pgsql/data/pg_hba.conf file. where is file located in this version?

    • Ramanathan Jan 6, 2011 @ 15:26

      Hi Paul,

      If you had installed pgsql using *.bin file. it will be installed in /opt/Postgres/* by default. I think this file will be in /opt/P***/8.4/data/. Better you find this file uinsg “find ./ -name pg_hba.conf” in installed location.

      thanks Ramanathan

    • Rossg Apr 13, 2011 @ 0:42

      If you are on Ubuntu it will be /etc/postgres/8.4/main/pg_dba.conf

  • milo Apr 19, 2011 @ 7:24

    i’ve solved this problem by adding the following line :

    local all user md5


    local all all ident sameuser

    in my pg_hba.conf. I think it’s more elegant and secure solution.

  • umpirsky May 25, 2011 @ 18:49

    Make sure to put in password instead trusted, and check top line, it usually have separate line for default user. Check config twice!

  • Nathan Jun 14, 2011 @ 4:31

    Why restart the service and kick everyone out? Just reload the config file via:

    pg_ctl reload

  • Chris Feb 14, 2012 @ 14:12

    This is what I had to do to fix mine, although I’m using Windows. When I attempted to use Cmd it would just give me the same error. Spent many hours attempting to fix that and finally I found that I had to create a user and database using a GUI on my server that had the same username and a password as it was asking for. Don’t know if that’ll help anyone, but that did the trick for me. =)
    My pg_hba are the defaults:
    Host all all md5
    Host all all ::1/128 md5

    • punitha Mar 11, 2014 @ 13:43

      hey chris,I am currently in that situation..
      how do i find if i have got the gui installed along with postgresql8.2?

  • Chris Feb 21, 2012 @ 13:08

    Thanks Rod McLaughlin, your script worked for me. Vivek, could you please fix your post? Your config is completely broken for PG 8.4 and above.

  • Dipak Chaudhari Jun 18, 2012 @ 9:24

    Thanks a ton !

  • Valéry Stroeder Aug 30, 2012 @ 11:11

    Thanks for the pretty explained post!

  • Geetchandra Mar 14, 2013 @ 9:23

    Thanks you so much……….password authentication just bypass

  • unbekannt Mar 23, 2013 @ 9:53

    What can I do, if I see this? (I couldn’t restart the server)

    CET LOG: local connections are not supported by this build
    CET CONTEXT: line 88 of configuration file “D:/pgdata/pg_hba.conf”
    CET FATAL: could not load pg_hba.conf

    In pg_hba.conf added:
    local all all all trust
    host all all trust

  • Milu Mar 26, 2013 @ 16:30

    This TRUST mechanism can be used on a per-database basis. For example,
    local somedatabase someuser trust

    On IPv6 enabled hosts, you also must set a TRUST method for localhost too.
    I did it using :
    # IPv6 local connections:
    host somedatabase someuser ::1/128 trust
    host all all ::1/128 ident

  • Wildan Muhlis Apr 28, 2013 @ 13:19

    Great!! thanks :)

  • Peter Jun 22, 2013 @ 17:29

    It has already been said, but again don’t set it to “trust”… that means you get in without a password. md5 and password auth are not much better, but surely don’t use trust.

    Dear author, please fix that. Thanks.

  • Arthur F. Miller Aug 2, 2013 @ 16:08

    From the path of your pg_hba.conf file, which is apparently
    ‘D:\pgdata\pg_hba.conf’, you are running in some version of windows.
    the ‘local’ at the beginning of the pg_hba.conf lines refers to the type of connection.
    ‘local’ basically means ‘a unix socket’ — ( unix/linux: man 2 socket; man 7 unix )
    Since you are in windows, you have to connect via a TCP/IP socket.
    You already have the following line.

    host all all trust

    You should just comment out the line that says

    local all all all trust

    because I dont believe that you can use Unix sockets in Postgres for Windows.
    Also, as said before, you should preferably change all the ‘trust’ keywords to ‘md5’ as stated earlier. You should try not to use ‘password’ because the passwords are sent in cleartext. I know the md5 algo is weak compared to sha-2, or sha-3, but ‘md5’ is still better than ‘password’. Also, a more complicated but more flexible setup would be to use LDAP or Kerberos/GSSAPI via the ‘ldap’ or ‘gss’ keywords respectively.
    as far as the ‘host’ at the beginning of the line, if you are connecting to your own machine (, ::1, localhost), then host is fine, if you are connecting to a remote machine, you should consider setting up SSL certificates for your postgres server. Then you would change the ‘host’ to ‘hostssl’ like the following:

    #type      database      username        address                     auth_method
    hostssl        all                  all            md5

    you would change the ip address under ‘address’ to whatever address, or addresses, that your clients would connect from.
    Hope this helps anyone. :)

  • Arthur F. Miller Aug 2, 2013 @ 16:13

    Follow up to my last comment:
    with psql you would need to use the ‘-h’ option to tell psql which host to connect to.
    if it is your own machine, the localhost, it would be as follows:
    psql -h localhost -U your_user_name -d database_name

  • Hugh Jass Nov 24, 2013 @ 17:17

    I’m using postresql 9.2.4 on openSuse 13.1 Linux. I received authentication errors, as above. The postgresql.log reported:

    “could not connect to Ident server at address “::1″, port 113 connection refused…”

    See RFC 1413. The IPv6 local connections section of pg_hba.conf was edited as follows:
    “host all all ::1/128 trust”

    This allowed me to connect but is probably not the most secure. Hope this helps.

  • Simo May 6, 2014 @ 9:05

    Thnxs a lot.. It Worked 4 me

  • Sreenath Oct 11, 2014 @ 6:35

    Felt lot of head-ache untill i come to see this. Thanks a lot. I wish i had seen this 2days before. Thankyou once again.

  • Olga Maciaszek-Sharma Dec 15, 2014 @ 14:08

    If changes in the /etc/hba.conf file don’t work for you, you might try switching to root and changing:

    This has worked for me.

    • hamed Sep 28, 2016 @ 8:35

      Thanks Bro you save my life yuhoooooo

  • suresh Jan 18, 2017 @ 3:28

    Thanks a lot you save me

  • mingcong deng Apr 14, 2017 @ 3:24

    This article solved my problem.Thanks a lot.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum