Ident authentication failed on PostgreSQL through SSH tunnel

Question

I have PostgreSQL server and a seperate computer is a client of it. They are in one network. If I use psql command like

psql --host db_ip_address --port 5432 --user user base_name

connection goes fine and all works.

But if I'll open SSH tunnel to DB server like:

ssh -L 63333:localhost:5432 root@db_ip_address

and then try to do the same like:

psql --host localhost --port 63333 --user user base_name

than it suddenly output error message:

psql: FATAL: Ident authentication failed for user "user"

pg_hba.conf on server have this lines:

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all             127.0.0.1/32            trust
host    all             all             192.168.0.49/32         trust
host    all             all             192.168.0.50/32         trust
host    all             all             192.168.0.48/32         trust
# IPv6 local connections:
host    all             all             ::1/128                 ident

I need to use SSH tunnels because I actually need one more tunnel for my own computer, and it is the only way to get connection for db on it. And I don't want to change any configuration or base on PostgreSQL server, because it is working in real time server. Hope for help.

Answer 1

Based on the error message and pg_hba.conf, the server resolves localhost to its IPv6 address, which is tied to ident authentication.

As a solution, you may either:

• change pg_hba.conf to set trust method for ::1/128, as is already the case for 127.0.0.1/32

• or run psql --host 127.0.0.1 --port 63333 [other options]... to force the IPv4 address.