DigitalOcean

Report this

What is the reason for this report?
Question

How to set up passwordless postgresql for deployer user?

Posted on December 3, 2014
marvin danig

By marvin danig

I’m trying to set up passwordless postgres for my ‘deployer’ user. Made a couple of changes to pg_hba.conf file and restarted the service.

Here is how my current pg_hba.conf file looks:

### Database administrative login by Unix domain socket
local all postgres peer

### TYPE DATABASE USER ADDRESS METHOD

### "local" is for Unix domain socket connections only
local all all peer
### IPv4 local connections:
host all all 127.0.0.1/32 md5
### IPv6 local connections:
host all all ::1/128 md5

But even now when I ssh back in as deployer and $ sudo -i -u postgres it asks for the password. Is there something else that I have to do?



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Andrew SB
Andrew SBDigitalOcean Employee badge
June 15, 2016

In order to allow passwordless login to Postgres, you should change peer to trust:

/etc/postgresql/9.3/main/pg_hba.conf
# Database administrative login by Unix domain socket
local   all             postgres                                trust

Remember to restart Postgres so the change takes effect: sudo service postgresql restart

From the Postgres docs:

When trust authentication is specified, PostgreSQL assumes that anyone who can connect to the server is authorized to access the database with whatever database user name they specify (even superuser names). Of course, restrictions made in the database and user columns still apply. This method should only be used when there is adequate operating-system-level protection on connections to the server.

Another option that is a bit more restrictive would be to create a .pgpass file in the deploy user’s home directory.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and SMBs

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2025 DigitalOcean, LLC.Sitemap.