getting this error message in ubuntu. in pg_hba.conf file, I tried using 'ident','peer','trust','md5' in different times.but no go. please help.
问题:
回答1:
in your pg_hba.conf
# IPv4 local connections:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
host all all 127.0.0.1/32 trust
if it does not work then try with
host all all your_ip/32 trust
then restart your data base it will work fine
回答2:
If the username and password are correct then md5
is the correct value. Make sure you restart the database process or at least have it reload the configuration after modifying pg_hba.conf
.
回答3:
It might be came from malicious traffic, check if the logs repeated almost each seconds like below
2019-04-17 16:10:39.228 UTC [32] FATAL:
password authentication failed for user "postgres"
2019-04-17 16:10:39.228 UTC [32] DETAIL:
Connection matched pg_hba.conf line 95: "host all all all md5"
2019-04-17 16:10:41.916 UTC [33] FATAL:
password authentication failed for user "postgres"
2019-04-17 16:10:41.916 UTC [33] DETAIL:
Connection matched pg_hba.conf line 95: "host all all all md5"
...
...
Lets verify TCP Traffic on port 5432 using tcpdump command
$ sudo tcpdump port 5432 and '(tcp-syn|tcp-ack)!=0'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens4, link-type EN10MB (Ethernet), capture size 262144 bytes
16:19:26.472838 IP XX-XXX-XXX-XXX-static.xxx.xxxxxx.net.39903 > xxx.xxx.xxx: Flags [S], seq 1779566115, win 29200, options [mss 1380,sackOK,TS val 451453976 ecr 0,nop,wscale 7], length 0
16:19:26.473135 IP xxx.xxx.xxx > XX-XXX-XXX-XXX-static.xxx.xxxxxx.net.39903: Flags [S.], seq 4028889669, ack 1779566116, win 28960, options [mss 1460,sackOK,TS val 2412144 ecr 451453976,nop,wscale 7], length 0
16:19:26.525816 IP XX-XXX-XXX-XXX-static.xxx.xxxxxx.net.39903 > xxx.xxx.xxx: Flags [.], ack 1, win 229, options [nop,nop,TS val 451453989 ecr 2412144], length 0
16:19:26.525875 IP xxx.xxx.xxx > XX-XXX-XXX-XXX-static.xxx.xxxxxx.net: Flags [P.], seq 1:42, ack 1, win 229, options [nop,nop,TS val 451453989 ecr 2412144], length 41
...
...
If this is the case then set firewall rules and necessary securities to combat bots or unwanted traffics.
回答4:
I noticed that I've created my user with an expiration date of yesterday. It also gave me the password error. I've opened pgadmin3 and in the users list at the bottom I've changed the expiration date of the problematic user.