≡ Menu

How Do I Enable remote access to PostgreSQL database server?

By default, PostgreSQL database server remote access disabled for security reasons. However, some time you need to provide the remote access to database server from home computer or from web server.

Step # 1: Login over ssh if server is outside your IDC

Login over ssh to remote PostgreSQL database server:
$ ssh user@remote.pgsql.server.com

Step # 2: Enable client authentication

Once connected, you need edit the PostgreSQL configuration file, edit the PostgreSQL configuration file /var/lib/pgsql/data/pg_hba.conf (or /etc/postgresql/8.2/main/pg_hba.conf for latest 8.2 version) using a text editor such as vi.

Login as postgres user using su / sudo command, enter:
$ su - postgres
Edit the file:
$ vi /var/lib/pgsql/data/pg_hba.conf
$ vi /etc/postgresql/8.2/main/pg_hba.conf
Append the following configuration lines to give access to network:
host all all trust
Save and close the file. Make sure you replace with actual network IP address range of the clients system in your own network.

Step # 2: Enable networking for PostgreSQL

You need to enable TCP / IP networking. Use either step #3 or #3a as per your PostgreSQL database server version.

Step # 3: Allow TCP/IP socket

If you are using PostgreSQL version 8.x or newer use the following instructions or skip to Step # 3a for older version (7.x or older).

You need to open PostgreSQL configuration file /var/lib/pgsql/data/postgresql.conf or /etc/postgresql/8.2/main/postgresql.conf.
# vi /etc/postgresql/8.2/main/postgresql.conf
# vi /var/lib/pgsql/data/postgresql.conf
Find configuration line that read as follows:
Next set IP address(es) to listen on; you can use comma-separated list of addresses; defaults to ‘localhost’, and ‘*’ is all ip address:
Or just bind to and IP address
Save and close the file. Skip to step # 4.

Step #3a – Information for old version 7.x or older

Following configuration only required for PostgreSQL version 7.x or older. Open config file, enter:
# vi /var/lib/pgsql/data/postgresql.conf
Bind and open TCP/IP port by setting tcpip_socket to true. Set / modify tcpip_socket to true:
tcpip_socket = true
Save and close the file.

Step # 4: Restart PostgreSQL Server

Type the following command:
# /etc/init.d/postgresql restart

Step # 5: Iptables firewall rules

Make sure iptables is not blocking communication, open port 5432 (append rules to your iptables scripts or file /etc/sysconfig/iptables):

iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d  --dport 5432 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s --sport 5432 -d 0/0 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Restart firewall:
# /etc/init.d/iptables restart

Step # 6: Test your setup

Use psql command from client system. Connect to remote server using IP address and login using vivek username and sales database, enter:
$ psql -h -U vivek -d sales

Further readings:

=> man page: pgsql and configuration file

Share this on:

Your support makes a big difference:
I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft, takes a lot of my time and hard work to produce. If you use nixCraft, who likes it, helps me with donations:
Become a Supporter →    Make a contribution via Paypal/Bitcoin →   

Don't Miss Any Linux and Unix Tips

Get nixCraft in your inbox. It's free:

{ 46 comments… add one }
  • Sam October 9, 2007, 3:09 pm


    Just tried out this and worked like wonder.

  • Raju October 9, 2007, 3:11 pm

    Keep up the great blogging!

  • Swapneel November 14, 2007, 2:07 am

    Just wanted to point out that with PostgreSQL 8.x the option tcpip_socket is no longer valid.

    The correct parameter is,

    listen_address = ‘localhost’

    which needs to be changed to,

    listen_address = ‘*’

    and PostgreSQL daemon restarted.

  • vibhor goyal January 22, 2008, 7:26 am

    am working on postgres8.2.4

    iptables -A INPUT -p tcp -s 0/0 –sport 1024:65535 -d –dport 5432 -m state –state NEW,ESTABLISHED -j ACCEPT
    iptables -A OUTPUT -p tcp -s –sport 5432 -d 0/0 –dport 1024:65535 -m state –state ESTABLISHED -j ACCEPT

    these additions gave me error on restarting, asking me to restore the iptables.

    I removed the iptables from the above lines and it worked.

    as am novice in this field, so am not sure if what i did was correct.

  • sashbeer bhandari February 26, 2008, 2:07 pm

    how to improve speed and performance of database server on linux

  • Xionicfire April 9, 2008, 8:07 pm

    “How Do I Enable remote access to PostgreSQL database server? ”

    Still does not answer the question…

    the answer just points on to giving access to a small network, but what if you want to give access to ANY IP not just your network, basically REAL remote access.

    whats the command for that

  • nixCraft April 9, 2008, 8:50 pm

    ‘*’ = ALL, so use

    host all all * md5

    Refer to man page.

    but what if you want to give access to ANY IP not just your network, basically REAL remote access.
    This is a bad idea, giving out access to whole world is really a bad idea. Do you wanna anyone come and try to connect your database server?

  • Olmec Sinclair September 9, 2008, 12:08 am

    I am technical, but database and server admin is mot my area. I am writing a linux desktop application that reads data from postgres DB. I would like this application to able to use a central database (on my server).

    I see vivek (#7 above) recommends not opening up postgres to all the world. What is recommendation for a distributed application? Is there some way for the application to identify itself to postgres? Since each instance of the application will be an a separate network.

    Thanks for the info.

  • Goran September 27, 2008, 7:08 pm

    During instalation process I can not log in. What I have to enter in the username and password fields to be able to conect?
    I tried as username: postgres and for password postgrespass and postgresuser, but received a message :”invalid password or username”!?!?!

    • Ankit June 5, 2014, 2:19 pm

      Username= postgres
      password which did you write during of installation

  • niraj February 19, 2009, 1:09 pm

    very helpfull for newbie

  • frankpeng March 15, 2009, 12:50 am

    How is this:
    1, Listen to the world *
    2, Use md5
    3, only those database allowed
    4, only specific user.
    I will try this.

  • Louis April 3, 2009, 9:09 am

    Hi all,

    Now, i m facing problem in log in to postgresql by webmin interface. Problem is that all a long I used to login postgresql DB by webmin interface and able to login smoothly . But last few days ago , i ‘ve changed the root (super user) password and not able to log in at all . I believe password has been wrong for over 3 times and IP address has been blocked .
    Hence , I ‘ve tried to login from different IP address and also the same thing encountering.
    I ‘m using Postgresql very 7 + . Kindly pls help me to solve my problem by how to enable such thing back to normal . There is no IP talbes restrictions .

    Looking forward to your solutions..

  • Louis April 3, 2009, 9:11 am

    Hi all,

    Now, when i tried to log in , below is the error for yours references :

    12204 SSL port specified is not allowed.

    An error occurred while trying to retrieve your URL.
    This error could have been caused by:

    Bad / misspelled URL
    Your access permissions
    Your network connection and/or transient conditions on the Internet
    An error on the source web server


    Microsoft Proxy Server v2.0

    And also , this postgresql is running on Linux Debian , port number 10000 for it.


  • Louis April 3, 2009, 9:15 am

    Hi all ,

    Here is the error message for my issue,

    12204 SSL port specified is not allowed.
    An error occurred while trying to retrieve your URL.
    This error could have been caused by:
    Bad / misspelled URL
    Your access permissions
    Your network connection and/or transient conditions on the Internet
    An error on the source web server

    Hence, its running on Linux Debian and port 10000 ,

  • Bradley D. Thornton April 4, 2009, 11:42 pm

    Okay, that’s great for remote access via ssh. My problem is that there is a PostgreSQL Server in one datacenter, and a php based website in another data center. I’m told that you can’t enable PostgreSQL support in PHP w/o actually installing PostgreSQL Server on that machine, but I don’t want PostgreSQL on the webserver, and I have a customer that want’s to use it via his website w/PHP.

    This is what I’ve gotten so far from php.net:

    In order to enable PostgreSQL support, –with-pgsql[=DIR] is required when you compile PHP. DIR is the PostgreSQL base install directory, defaults to /usr/local/pgsql. If shared object module is available, PostgreSQL module may be loaded using extension directive in php.ini or dl() function.

    and from http://us3.php.net/manual/en/pgsql.requirements.php I get:

    To use PostgreSQL support, you need PostgreSQL 6.5 or later, PostgreSQL 8.0 or later to enable all PostgreSQL module features.

    So my question is, can I, or how can I enable PostgreSQL support in PHP w/o installing the actual database server on that particular machine?



    • nixCraft April 5, 2009, 2:25 am

      No Need to install PostgreSQL on same server. To connect via php, simply specifiy server IP, username and password. You also need to open port using iptables. Also, remote connection between two servers in the same data center is recommended. If you have a two different data center consider security (which can be overcome using SSL connection between db server and php app server) and latency.


  • eddie April 29, 2009, 10:26 am

    I am still having problems connecting. my pg_hba.conf file is thus
    # “local” is for Unix domain socket connections only
    local all all * trust
    IPv4 local connections:
    host all all * trust
    # IPv6 local connections:
    host all all ::1/128 ident sameuser

    my error message is this
    psql -h -d template1
    psql: FATAL: missing or erroneous pg_hba.conf file
    HINT: See server log for details.

    what am I doing wrong cause it was working before..

  • eddie April 29, 2009, 11:27 am
  • Thiago Lopes February 2, 2010, 8:01 pm


    In CentOS 2.6.9-89.0.16.plus.c4smp :

    Verify /var/lib/pgsql/data/postgresql.conf :

    Not only change:

    #tcpip_socket = false

    tcpip_socket = true

    But too:

    #port = 5432

    port = 5432

    In /var/lib/pgsql/data/pg_hba.conf add:

    host name_base name_user md5


    host name_base name_user fixed_ip md5


  • SimeON February 24, 2010, 1:58 pm

    Hello All,

    I have postgre installed via ports and the only config file I have is :

    Any idea of what could it be ?

  • srikanth July 1, 2010, 3:58 pm

    thanks dude…

  • Mike October 19, 2010, 7:16 pm

    Thanks for the doc: it resolved my issue.

    There is a small syntax error in your listen_addresses field (step #3): the list should be comma (NOT space) separated.

  • mark October 22, 2010, 8:22 am

    these instructions should be in the postgres documentation! great job, thanks

  • Joris November 11, 2010, 8:48 pm

    No more need to use IPTABLES, just type some: « sudo ufw allow 5432 » and you’re done ;)
    Many thanks!

  • Jonathan Martell November 27, 2010, 10:46 pm

    Great tip!

  • Joe December 9, 2010, 9:39 pm

    Works like a charm! Thank you!

  • Jared December 29, 2010, 4:33 pm


  • Marcio Wesley Borges February 14, 2011, 7:58 pm

    Nice article.
    Note that the listen_addresses must be comma separated as:

  • Bandhalaraja November 24, 2011, 11:54 am

    i unable to access data base form client said computer.2 days before i can access data base in my client computer(Windows xp) but now not able , because i reinstall postgres in my data base server machine(SUSE Linux) . regularly i give host ip address in my client computer but now i give mean not access .
    Please tell me solution to access data base from server machine (Linux) to client computer (Win xp)


    • Arjunan February 22, 2012, 10:40 am

      Hi..Change the postgresql.conf. file as follow
      host all all samenet trust

      Restart the Services.

      • Arjunan February 22, 2012, 10:42 am

        Hi..Change the pg_hba.conf file as follow
        host all all samenet trust

        Restart the Services.

  • Dave Neathery January 9, 2012, 3:26 pm

    I am trying to access postgresql from a C program running on Win XP. The database server is Linux and I can connect with it using SSH and psql but I have had not success connecting using PQconnectdb. I get the following error:
    libintl-8.dll was not found. I’m using Microsoft Visual C++ .NET 2003. That .dll is not on the computer and I don’t know how to get one.


  • parag May 24, 2012, 7:09 am

    Thanzx it really helped me …

  • hangover June 26, 2012, 8:25 am

    On step 3, in


    directive, IPs must be comma separated.

  • Foo Bar August 3, 2012, 9:48 am

    Just wanted to point out that please remember that the iptables-rule mentioned here is opening up your postgres-server to the whole world!!

    Please update it to acceppt connections from only known servers:

    iptables -A INPUT -s -m state –state NEW,ESTABLISHED -p tcp –dport 5432 -j ACCEPT

  • ingdestino July 15, 2013, 9:05 pm

    Clear and useful explanation: thanks a lot!

  • JP September 25, 2014, 12:20 pm

    Thanks , it worked , just remember to uncommnet listen_address

  • Valerie October 28, 2014, 7:03 pm

    Thank you so much. You saved my sanity.

  • Kristian Kirilov April 27, 2015, 7:32 am

    Thanks a lot!!!

  • Sandor April 29, 2015, 12:56 pm

    Thanks! You’ve helped me! Thanks!

  • Mihajlo November 5, 2015, 8:08 am

    Nice, thanks!
    Worked like a charm, also I didn’t have to mess with firewall.
    Only difference at mine setup is that all mentioned pg files were in “/usr/local/var/postgres/”

  • Vikrant Korde January 27, 2016, 10:43 am

    Really crisp steps. It solved my problem.
    – I didn’t change anything in /u01/AlfrescoDMS/alf_data/postgresql/pg_hba.conf
    – I changed file /u01/AlfrescoDMS/alf_data/postgresql/postgresql.conf
    – Added listen_addresses=’*’
    – In the conf file this line (tcpip_socket = true) was not present, so i didn;t add this line.

    It worked like a charm..
    Vikrant Korde.

  • Peeyush June 14, 2016, 7:48 am

    To allow connection with all the Hosts in `etc/postgresql/8.2/main/pg_hba.conf` add this line:-

    host all all md5

  • Sahil August 1, 2016, 7:34 am


  • Rizki Ardian September 14, 2016, 6:57 am

    Thank you so much !

Leave a Comment

   Tagged with: , , , , , , , , , , , , , , , , ,