Skip site navigation (1) Skip section navigation (2)

Re: ssl tunneling in postgres 8.1

From: "P Kapat" <kap4lin(at)gmail(dot)com>
To: "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: ssl tunneling in postgres 8.1
Date: 2008-11-18 23:22:07
Message-ID: daef5be80811181522s6e27aeb3p91c82d9d2f93f76a@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-novice
On Tue, Nov 18, 2008 at 2:59 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> "P Kapat" <kap4lin(at)gmail(dot)com> writes:
>> I am reading the documentation from here:
>> http://www.postgresql.org/docs/8.1/static/ssh-tunnels.html
>
>> I am able to ssh (I use ssh keys) in to foo.com using the username
>> joe. My client machine (localhost) is bar.com with username sam (say).
>
>> bar$ ssh -L 3333:foo.com:5432 joe(at)foo(dot)com
>> [this logs me into foo as joe; here i have access to a database named
>> "joe" using the password "joepass"]
>
>> So I try to connect to this local port (but remote server) by:
>
>> bar$ psql -h localhost -p 3333 joe -U joe -W
>> Password for user joe: joepass
>> psql: server closed the connection unexpectedly
>>         This probably means the server terminated abnormally
>>         before or while processing the request.
>
>> And on the remote ssh terminal I get the following error:
>
>> foo$ channel 3: open failed: connect failed: Connection refused
>
>> What am I doing wrong?
>
> My bet is that you have the Postgres server configured so that it
> only accepts Unix-socket connections and not local TCP connections
> (which is what the SSH tunnel will try to connect to).  If you do
> "psql -h localhost" on the remote server, does it work?

Well, it seems to connect:

foo$ psql -h localhost
Welcome to psql 8.1.11, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
[usual messages: snipped]

> If not, you need to fool with listen_addresses and possibly your
> pg_hba.conf setup.

I am not sure how to tinker with these conf files. The server policy
will not allow any non-local connection. But as a test case I can play
with the reverse connection - remote as client and local as the
server. I have full access to my local (bar) machine. As I said, the
errors are exactly similar.

Any pointers?
-- 
Regards
PK
--------------------------------------
http://counter.li.org  #402424

In response to

Responses

pgsql-novice by date

Next:From: Tom LaneDate: 2008-11-19 03:10:19
Subject: Re: ssl tunneling in postgres 8.1
Previous:From: Tom LaneDate: 2008-11-18 19:59:43
Subject: Re: ssl tunneling in postgres 8.1

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group