PostgreSQL InvalidPasswordError despite correct password
cyj801109-commits
HOBBYOP

a month ago

Hi, I'm getting asyncpg.exceptions.InvalidPasswordError: password authentication failed for user "postgres" when connecting my backend service to Railway PostgreSQL. Password in Config tab matches DATABASE_URL exactly. Tried internal URL, public URL, ssl=require, ssl=disable, regenerated password multiple times, deleted and recreated PostgreSQL service + volume multiple times. Still same error. Any idea what's causing this?

2 Replies

0x5b62656e5d
MODERATOR

a month ago

Try this:

  1. Disable all public networking on the database if you have any, the following steps will disable user authentication
  2. SSH into your database service (right click your service and select Copy SSH Command)
  3. Run this command: sed -i 's/host all all all scram-sha-256/host all all ::\/0 trust/' /var/lib/postgresql/data/pgdata/pg_hba.conf (This will bypass user authentication)
  4. Redeploy your database
  5. SSH again, and run the command psql
  6. Run ALTER USER postgres with password ' is the value of the variable PGPASSWORD in your Railway dashboard
  7. Type exit
  8. Run sed -i 's/host all all ::\/0 trust/host all all all scram-sha-256/' /var/lib/postgresql/data/pgdata/pg_hba.conf (This will re-enable user authentication)
  9. Redeploy your database
cyj801109-commits
HOBBYOP

a month ago

[Update] Railway PostgreSQL auth issue - still unresolved after following the fix steps

Following the steps from the previous reply, here's what happened:

Steps completed:

  1. Disabled public networking on the original Postgres service
  2. SSH'd in and changed pg_hba.conf to trust mode
  3. Redeployed Postgres
  4. SSH'd back in, ran psql, executed ALTER USER postgres WITH PASSWORD ''; → got ALTER ROLE (success)
  5. Restored pg_hba.conf to scram-sha-256
  6. Redeployed Postgres

Verification:

  • SELECT rolpassword FROM pg_authid WHERE rolname='postgres'SCRAM-SHA-256$4096:... (correct format)
  • psql -U postgres -h postgres.railway.internal -W with the PGPASSWORD value → connected successfully
  • Backend DATABASE_URL matches PGPASSWORD exactly

Still getting: asyncpg.exceptions.InvalidPasswordError: password authentication failed for user "postgres"

What we tried next:

Since the original Postgres (postgres-ssl:18) kept failing, we added a new Docker service using postgres:16 directly from Docker Hub.

  • Set POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_DB via Variables
  • Service is Online, logs show database system is ready to accept connections
  • Updated backend DATABASE_URL to postgresql://postgres:@postgres-8058.railway.internal:5432/railway
  • Same error: asyncpg.exceptions.InvalidPasswordError

Backend stack: FastAPI + asyncpg 0.30.0 + SQLAlchemy 2.0 async

Currently testing with POSTGRES_HOST_AUTH_METHOD=trust to isolate whether this is an asyncpg scram-sha-256 issue.

Any ideas what could cause asyncpg to fail auth even when psql connects successfully with the same credentials?

Welcome!

Sign in to your Railway account to join the conversation.

Login
Loading...