PostgreSQL uses the pg_hba.conf file as a built-in firewall to manage authorization. HBA in pg_hba.conf stands for host-based authentication. This file is appended with entries that serve the purpose of enabling and disabling user connections based on a combination of five categories, as follows:
- Connection type
- Database name
- Username
- IP address
- Authentication method
The entries in the pg_hba.conf file determine whether a user connecting from a remote server is allowed to connect to a database using a specific username with the specified authentication method.
Categories in the pg_hba.conf file
Let's look into the five categories in detail and we shall then proceed to learn how the pg_hba file can be modified through this recipe:
- Connection type: A connection type can be of four types:
- local: A connection from the local Unix socket, for example, connections to localhost
- host: A connection from a remote host
- hostssl: Enables...