Example of pg_cmd.conf record

Source: Internet
Author: User
Tags unix domain socket
# Allow any user on the local machine to use Unix domain socket (default for local connection) # connect to any database as any database user ### type Database User CIDR-ADDRESS methodlocal all trust # Same as above, but use loopback) TCP/IP connection # type Database User CIDR-ADDRESS methodhost all 127.0.0.1/32 trust # Same as the above line, however, it uses an independent mask field # type Database User IP-ADDRESS methodhost all 127.0.0.1 255.255.255.255 trust # allow any host whose IP address is 192.168.93.x to be connected to the database # "Postgres, use the same ident as their own host User ID his own # (usually his UNIX username) # type Database User CIDR-ADDRESS methodhost Postgres all 192.168.93.0/24 ident sameuser # Allow users from host 192.168.12.10 to connect to the "Postgres" database, # As long as the user provides the correct password. # Type Database User CIDR-ADDRESS methodhost Postgres all 192.168.12.10/32 MD5 # if there is no other "host" line above, the following two rows reject all connection requests from #192.168.54.1 (because the previous record matches first ), # However, the connection that allows valid Kerberos 5 authentication from any other place on the Internet # The Zero mask indicates that no bit of the Host IP address is considered. So it matches any host: # type Database User CIDR-ADDRESS methodhost all 192.168.54.1/32 rejecthost all 0.0.0.0/0 krb5 # allow any user from 192.168.x.x to connect to any database, as long as they pass the ident check # But if the ident says the user is "bryanh" and he asks to connect to the PostgreSQL user "guest1", # It is only in 'pg _ ident. conf 'contains the oing of "Omicron", which means that "bryanh" can be connected only when # "guest1" is used for join. # Type Database User CIDR-ADDRESS methodhost all 192.168.0.0/16 ident Omicron # If the following are only three rows for local join, then they will allow local users # Only connect to their own databases (the Database Name and database username have the same name), # Only the members in the administrator and role "support, they can connect to any database. # The $ pgdata/admins file lists the usernames that can be connected to all databases. # Password is required in all cases. # Type Database User CIDR-ADDRESS methodlocal sameuser all md5local all @ admins md5local all + support MD5 # the last two lines can be combined into a line of local all @ admins, + support MD5 # The list and file name of the database fields can also be used: Local db1, DB2, @ demodbs all MD5


For more information about ipvssql client authentication, refer:
    • PostgreSQL 8.1 Chinese document:20.1.Pg_mirror.confFile
    • PostgreSQL 8.1 Chinese document: 20.2. Authentication Method

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.