0

I would like to connect to postgresql server which is not a public IP.
I need to do port forwarding to access the server. I used SSH client putty to do port forwarding.
I keyed in 6666 under "source" field of Putty and 172.13.212.37:5432 under "destination" field of putty. Later, I launched pgadmin and keyed in 127.0.0.1 under hostname/ipaddress and 6666 under port, but still am not able to connect.
Instead I get Fatal password authentication failed error. I am 100% sure that my password is right. Am I making any error in port forwarding?

Scenarios tried

enter image description here

1enter image description here

The Great
  • 139
  • 1
  • 12

1 Answers1

1

Am I making any error in port forwarding?

Probably, yes. The "destination" field in the tunnel declared in Putty must be the IP address and port of PostgreSQL from the point of view of the server you ssh into.

You mention it has no public IP, but 172.13.212.37 is a public IP address (see https://www.whois.com/whois/172.13.212.37).

In your case, it's a private IP address that is expected be in the "destination" field. If PostgreSQL is running on the same server than the one you ssh into, that would be 127.0.0.1 or localhost , otherwise a private network address if the PostgreSQL server is reachable through the local network.

Daniel Vérité
  • 1,555
  • 9
  • 11
  • Yup. From a linux ssh client point of view, the op wants `ssh -L3456:localhost:6543 user@remote` and his localhost:3456 will connect to what `remote` sees as localhost:6543. – ivanivan Apr 16 '19 at 22:18
  • @Daniel Verite - Apologies my postgresql ip is different from the above (172.13.212.37) and that's a private IP. I validated it using whois. So in destination, I have given the private IP address along with port number (5432). Then in pgadmin I configure 127.0.0.1 as hostname and my localport (6666) as port (This is the port number that I keyed in putty source field). But when I try to connect, I get the same error like password authentication failed. – The Great Apr 17 '19 at 02:50
  • @ivanivan - Did you get a chance to see my screenshots attached above? Only correction in the screenshot is, I will replace the Destination IP with my Private IP address where postgresql server is running and port number is same as 5432. I guess the pgadmin details in the screenshot are correct. Can you correct me if I am doing any blunder with the ports (am I doing it in reverser). I am not familiar with this networking concepts and am quite new. – The Great Apr 17 '19 at 02:54
  • Another issue which I would like to bring to your notice is that, when I use putty to connect to my postgresql server, I am able to connect to it successfully and execute the below psql command - "psql dbname selva". This lets me log into the db without any password prompt and am able to execute queries in command line – The Great Apr 17 '19 at 03:33
  • @Daniel Verite - You can find the two scenarios which I tried under "Scenarios tried" section in the question above but I still get the same error – The Great Apr 17 '19 at 09:55
  • With `psql dbname selva` it's using [Unix domain sockets](https://en.wikipedia.org/wiki/Unix_domain_socket) to connect locally. The closest to that remotely with the ssh tunnel is to put `127.0.0.1` in the destination. Please try that. If it still results in "incorrect password", consider updating the password with psql's `\password` command. – Daniel Vérité Apr 17 '19 at 10:55
  • @SELVA - I don't use `putty` so I have no idea on how to configure it with port forwarding. I added the equivalent using the plain `ssh` client just so others could understand the answer a tad better. – ivanivan Apr 17 '19 at 12:46
  • @Daniel Verite - what you are saying is any different from 1st image under 'scenario tried' section shown above in the question? I have configured localhost in the destination. – The Great Apr 17 '19 at 15:36
  • @SELVA: right. Then you should have the same password error if you do `psql -h localhost dbname selva` instead of `psql dbname selva`, on the target server, independently of setting up an ssh tunnel. Which would indicate it's a password problem, not an ssh tunnel/redirection problem. – Daniel Vérité Apr 17 '19 at 15:57
  • @DanielVérité - Thank you Daniel. It worked. You are awesome – The Great Apr 18 '19 at 03:19
  • @DanielVérité - Can you please help me with the below post ?https://superuser.com/questions/1431377/password-prompt-not-displayed-putty-session-screen – The Great Apr 30 '19 at 12:59