cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Cloud Foundry SSH: Error connecting to PostgreSQL service instance

Go to solution
MortenWittrock
Active Contributor

on ‎12-30-2017 12:48 PM

Hi everybody

I've got a PostgreSQL service instance running in my SCP Cloud Foundry trial account. I'm trying to access it from my local machine, using psql, the PostgreSQL command line tool.

I'm following this guide. SSH is enabled for the host application and the space, and my user has the Developer role in the space. However, when I execute the cf ssh HOST-APP -L ... command, I receive the following error:

Error opening SSH connection: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none password], no supported methods remain

I'm not sure whether this is a trial vs enterprise account issue?

Any input on this would be greatly appreciated.

Regards,

Morten

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Ivan-Mirisola
Product and Topic Expert
Product and Topic Expert
‎01-03-2018 12:08 AM

Hi Morten,

I suppose you have already checkd your VCAP_SERVICES environment variable on Cloud Foundry (where you created the backing service for PostgreSQL). If not, please check username and password on the service instance via Cockpit are the same ones created via service-key command.

My guess is that you have some other software blocking the tunnel from being established or some other software is already using that port. Make sure the local port chosen (i.e: -L 63306:....) is free from local firewall systems. Since port 63306 is a high port (above 1024) there a low probability that another software is blocking it. It is more likely yo be a firewall or a proxy in between that is blocking. That port will correspond to your your own machine where you are running psql. So you computer must have direct connection to your API. Meaning: no-proxy and no firewall (at least a firewall that doesn't block in/outbound connections to that port.

If everything else fails, use a TCP/IP tracing tool to monitor connectivity between you and your API - maybe wireshark is a good tool to do it.

Regards,
Ivan

Show replies
Show replies
MortenWittrock
Active Contributor
‎01-03-2018 11:21 AM
0 Kudos

Hi Ivan. Thanks for answering! I've compared the username and password in the Cockpit dashboard to the values in the service key, and they are identical. I've added a firewall exception for the CF CLI tool (and even turned off the firewall), but the error still occurs. I'm on Windows 10, by the way. I'm looking at a Wireshark capture right now, but it's pretty hard to make heads or tails of 😄 Regards, Morten.

MortenWittrock
Active Contributor
‎01-03-2018 11:46 AM

Hello again, Ivan. The tunnel is working now. I'm not completely sure what the problem was, though, but probably something firewall-related. Accepting this answer. Thanks again! Regards, Morten.

Answers (2)

Answers (2)

manjunath_b
Advisor
Advisor
‎01-02-2018 2:23 PM

Hi Morten,

Could you please restart your application and try cf ssh again. It should work. We had faced a similar issue recently and were able to resolve with this workaround.

Thanks and regards,

Manju

Show replies
Show replies
MortenWittrock
Active Contributor
‎01-02-2018 9:02 PM
0 Kudos

Hi Manju. Thanks for your answer. Restarting the app does not have any effect on the issue, unfortunately. Were you able to create the tunnel (cf ssh -L ...) on a trial account? Regards, Morten.

richard-zhao
Employee
Employee
‎01-02-2018 2:33 AM

Hello Morten, I would like to provide a hint for you. Hopefully, it would help. Your issue seems that PostgreSQL service doesn't have Password Authentication enabled for your current user.

Could you refer the link below to get more detail about how to enabled Password Authentication for a user? thanks.

https://www.postgresql.org/docs/9.1/static/auth-pg-hba-conf.html

Show replies
Show replies
MortenWittrock
Active Contributor
‎01-02-2018 10:29 AM
0 Kudos

Hi Richard. Thanks for your answer. I actually don't know, if I am able to interact with the PostgreSQL service without the SSH tunnel. Also, maybe my understanding is wrong, but I would expect authentication issues to manifest themselves when connecting with the psql tool, not when establishing the SSH tunnel? Not sure, though. Thanks again, Morten.

Ask a Question