Re: Port 25060 failed: FATAL: pg_hba.conf rejects connection for host on Digital OCean

Uma, it seems that your pg_hba.conf doesn't have any rule for external access to the databases hosted at the server.
Due to absence of that rule, postgresql only accept local connection.
Your pgadmin are installend on the postgresql server?

regards
Wilson Coelho

---

Wilson Moraes Coelho Especialista Sia Trecho 08, lotes 245 / 255 / 265 || Tel.:+55 (61) 3039-9700 - (61) 99989-8932 71205-080 || Guará || Brasília, DF 0800-6020097 www.tecnisys.com.br

Em 16/05/2023 10:48, Uma Annamalai escreveu:

Hi PGSQL-Admin team, 

 

We did not have any issue but did not run the Digital ocean DB seeding for months and when the team tried to re-do it, we experienced the below error within the Pgadmin. We've been blocked for over 1 week now and tried so many things and nothing works. This is stalling a lot of our work.

Full error: connection to server at "DBNAME.b.db.ondigitalocean.com" (IP address), port 25060 failed: FATAL: pg_hba.conf rejects connection for host "IP address", user "NAME", database "NAME", SSL encryption
connection to server at "DBNAME.b.db.ondigitalocean.com" (IP Address), port 25060 failed: FATAL: no pg_hba.conf entry for host "IP Address", user "NAME", database "NAME", no encryption

• Does the order that you type out the updated information into the pg_hba.conf file matter? If so what is the correct order?
• What are the steps that I can take to resolve the issue? Do any of the articles referenced already actually provide the solution?
• Is this error occurring because I'm not on md5 method and it is on the default scram-sha-256?

The current pg_hba.conf file looks like this. After we tried making the changes recommended in the links, our postgresql stopped working all together so we reverted back to the original file.

# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all scram-sha-256
# IPv4 local connections:
host all all 127.0.0.1/32 scram-sha-256
# IPv6 local connections:
host all all ::1/128 scram-sha-256
# Allow replication connections from localhost, by a user with the
# replication privilege.
local replication all scram-sha-256
host replication all 127.0.0.1/32 scram-sha-256
host replication all ::1/128 scram-sha-256

Articles referred and tried:
https://dba.stackexchange.com/questions/83984/connect-to-postgresql-server-fatal-no-pg-hba-conf-entry-for-host https://dba.stackexchange.com/questions/264560/need-help-understanding-the-error-message-error-connecting-to-database-fatal https://dba.stackexchange.com/questions/161104/pgadmin-postgresql-no-pg-hba-conf-entry-for-host https://dba.stackexchange.com/questions/320468/postgresql-fatal-no-pg-hba-conf-entry-for-host-ipv6-user-user-databas

We have looked into somewhat related articles on stack exchange. Tried changing it to event listeners is * and changed to host all all 0.0.0.0/0 with trusted per user. Its still saying the same error and we expected the error to be resolved.

 

Also another thing is that in our Digital Ocean server - the SSL is default set to required and it is not allowing a change. This same required is stuck and not allowing it to be changed within the SSH portion of the Postgresql. Some folks have indicated that the SSL needs to be changed to true or that the reason for the issue is a mismatch between the SSL security in Digital Ocean versus Postgresql. But we are not able to attempt a change.

• How would we be able to change the SSL to true if that is what will help resolve the issue?

Uma