Skip to Content

Cloud Foundry SSH: Error connecting to PostgreSQL service instance

Hi everybody

I've got a PostgreSQL service instance running in my SCP Cloud Foundry trial account. I'm trying to access it from my local machine, using psql, the PostgreSQL command line tool.

I'm following this guide. SSH is enabled for the host application and the space, and my user has the Developer role in the space. However, when I execute the cf ssh HOST-APP -L ... command, I receive the following error:

Error opening SSH connection: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain

I'm not sure whether this is a trial vs enterprise account issue?

Any input on this would be greatly appreciated.

Regards,

Morten

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    Jan 03 at 12:08 AM

    Hi Morten,

    I suppose you have already checkd your VCAP_SERVICES environment variable on Cloud Foundry (where you created the backing service for PostgreSQL). If not, please check username and password on the service instance via Cockpit are the same ones created via service-key command.

    My guess is that you have some other software blocking the tunnel from being established or some other software is already using that port. Make sure the local port chosen (i.e: -L 63306:....) is free from local firewall systems. Since port 63306 is a high port (above 1024) there a low probability that another software is blocking it. It is more likely yo be a firewall or a proxy in between that is blocking. That port will correspond to your your own machine where you are running psql. So you computer must have direct connection to your API. Meaning: no-proxy and no firewall (at least a firewall that doesn't block in/outbound connections to that port.

    If everything else fails, use a TCP/IP tracing tool to monitor connectivity between you and your API - maybe wireshark is a good tool to do it.

    Regards,
    Ivan

    Add comment
    10|10000 characters needed characters exceeded

    • Hello again, Ivan. The tunnel is working now. I'm not completely sure what the problem was, though, but probably something firewall-related. Accepting this answer. Thanks again! Regards, Morten.

  • Jan 02 at 02:23 PM

    Hi Morten,

    Could you please restart your application and try cf ssh again. It should work. We had faced a similar issue recently and were able to resolve with this workaround.

    Thanks and regards,

    Manju

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Manju. Thanks for your answer. Restarting the app does not have any effect on the issue, unfortunately. Were you able to create the tunnel (cf ssh -L ...) on a trial account? Regards, Morten.

  • Jan 02 at 02:33 AM

    Hello Morten, I would like to provide a hint for you. Hopefully, it would help. Your issue seems that PostgreSQL service doesn't have Password Authentication enabled for your current user.

    Could you refer the link below to get more detail about how to enabled Password Authentication for a user? thanks.

    https://www.postgresql.org/docs/9.1/static/auth-pg-hba-conf.html

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Richard. Thanks for your answer. I actually don't know, if I am able to interact with the PostgreSQL service without the SSH tunnel. Also, maybe my understanding is wrong, but I would expect authentication issues to manifest themselves when connecting with the psql tool, not when establishing the SSH tunnel? Not sure, though. Thanks again, Morten.