API tools faq
paste
Advertisement
eebrah

pg_hba

eebrah
Sep 4th, 2015
101
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.22 KB | None | 0 0
raw download clone embed print report
  1. # PostgreSQL Client Authentication Configuration File
  2. # ===================================================
  3. #
  4. # Refer to the "Client Authentication" section in the PostgreSQL
  5. # documentation for a complete description of this file. A short
  6. # synopsis follows.
  7. #
  8. # This file controls: which hosts are allowed to connect, how clients
  9. # are authenticated, which PostgreSQL user names they can use, which
  10. # databases they can access. Records take one of these forms:
  11. #
  12. # local DATABASE USER METHOD [OPTIONS]
  13. # host DATABASE USER ADDRESS METHOD [OPTIONS]
  14. # hostssl DATABASE USER ADDRESS METHOD [OPTIONS]
  15. # hostnossl DATABASE USER ADDRESS METHOD [OPTIONS]
  16. #
  17. # (The uppercase items must be replaced by actual values.)
  18. #
  19. # The first field is the connection type: "local" is a Unix-domain
  20. # socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
  21. # "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
  22. # plain TCP/IP socket.
  23. #
  24. # DATABASE can be "all", "sameuser", "samerole", "replication", a
  25. # database name, or a comma-separated list thereof. The "all"
  26. # keyword does not match "replication". Access to replication
  27. # must be enabled in a separate record (see example below).
  28. #
  29. # USER can be "all", a user name, a group name prefixed with "+", or a
  30. # comma-separated list thereof. In both the DATABASE and USER fields
  31. # you can also write a file name prefixed with "@" to include names
  32. # from a separate file.
  33. #
  34. # ADDRESS specifies the set of hosts the record matches. It can be a
  35. # host name, or it is made up of an IP address and a CIDR mask that is
  36. # an integer (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that
  37. # specifies the number of significant bits in the mask. A host name
  38. # that starts with a dot (.) matches a suffix of the actual host name.
  39. # Alternatively, you can write an IP address and netmask in separate
  40. # columns to specify the set of hosts. Instead of a CIDR-address, you
  41. # can write "samehost" to match any of the server's own IP addresses,
  42. # or "samenet" to match any address in any subnet that the server is
  43. # directly connected to.
  44. #
  45. # METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
  46. # "krb5", "ident", "peer", "pam", "ldap", "radius" or "cert". Note that
  47. # "password" sends passwords in clear text; "md5" is preferred since
  48. # it sends encrypted passwords.
  49. #
  50. # OPTIONS are a set of options for the authentication in the format
  51. # NAME=VALUE. The available options depend on the different
  52. # authentication methods -- refer to the "Client Authentication"
  53. # section in the documentation for a list of which options are
  54. # available for which authentication methods.
  55. #
  56. # Database and user names containing spaces, commas, quotes and other
  57. # special characters must be quoted. Quoting one of the keywords
  58. # "all", "sameuser", "samerole" or "replication" makes the name lose
  59. # its special character, and just match a database or username with
  60. # that name.
  61. #
  62. # This file is read on server startup and when the postmaster receives
  63. # a SIGHUP signal. If you edit the file on a running system, you have
  64. # to SIGHUP the postmaster for the changes to take effect. You can
  65. # use "pg_ctl reload" to do that.
  66.  
  67. # Put your actual configuration here
  68. # ----------------------------------
  69. #
  70. # If you want to allow non-local connections, you need to add more
  71. # "host" records. In that case you will also need to make PostgreSQL
  72. # listen on a non-local interface via the listen_addresses
  73. # configuration parameter, or via the -i or -h command line switches.
  74.  
  75.  
  76.  
  77. # TYPE DATABASE USER ADDRESS METHOD
  78.  
  79. # "local" is for Unix domain socket connections only
  80. local all all md5
  81. # IPv4 local connections:
  82. host all all 127.0.0.1/32 ident
  83. # IPv6 local connections:
  84. host all all ::1/128 ident
  85. # Allow replication connections from localhost, by a user with the
  86. # replication privilege.
  87. #local replication postgres peer
  88. #host replication postgres 127.0.0.1/32 ident
  89. #host replication postgres ::1/128 ident
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!