Update 'Install_PostgreSQL_14_and_PostGIS_3'
parent
8ed2160b18
commit
a2cc7ad71b
|
@ -29,19 +29,19 @@ By default, Postgres only listens on localhost. However, by editing the listen_a
|
|||
|
||||
It’s now time to open the (in)famous pg_hba.conf configuration file, located at /etc/postgresql/10/main/pg_hba.conf:
|
||||
|
||||
`sudo nano /etc/postgresql/10/main/pg_hba.conf`
|
||||
`sudo nano /etc/postgresql/14/main/pg_hba.conf`
|
||||
|
||||
HBA stands for host-based authentication. Basically, this file is used to control how PostgreSQL users are authenticated.\
|
||||
`host all all 127.0.0.1/32 md5`\
|
||||
This line allows "all" users to login using TCP/IP ("host") from the localhost "127.0.0.1/32" to "all" databases, if they succeed in password authentication using the "md5" method. There are more password authentication methods (md5, scram-sha-256, gss, ldap, …) than we can cover, so let’s just get back to simpler examples.
|
||||
|
||||
In most cases the access is restricted to localhost and the clients vlan e.g.:
|
||||
In most cases the access is restricted to localhost and the management/client vlan e.g.:
|
||||
|
||||
```ini
|
||||
# existing entry, allows connections from localhost
|
||||
host all all 127.0.0.1/32 md5
|
||||
|
||||
# new entry to allow connections from 192.168.101.1/24 subnet,
|
||||
# new entry to allow connections from 192.168.1.1/24 subnet,
|
||||
host all all 192.168.1.1/24 md5
|
||||
|
||||
# ip of your webserver
|
||||
|
|
Loading…
Reference in New Issue
Block a user