PostgreSQL pg_hba.conf to access policy configuration file, located by default in / var / lib / pgsql / 10 / data / directory (PostgreSQL10).
The profile has five parameters, namely: TYPE (host type), DATABASE (database name), the USER (user name), ADDRESS (IP address and mask), the METHOD (encryption method)
TYPE, there are four values
local: using Unix-hardliners domainsocket Host: using the TCP / the IP connection, the SSL may be, may not hostssl: SSL must be of hostnossl: must be non-SSL is
DATABASE:
Database name, can be "all", "sameuser", "samerole", "replication". all means all, but does not include replication. With multiple databases "," separated.
USER:
User name, which can be "all", means all, you can also specify a user. Multiple users with "," separated. Like DATABASE and can also be placed in the configuration file, the file name prefixed with @
ADDRESS:
It can be a host name, or by the IP address and CIDR mask composition. Mask may be an integer between 0-32 (IPv4) or 0-128 (IPv6), 32 represents a subnet mask of the subnet mask is represented 255.255.255.255,24 255.255.255.0. Host names. "" Beginning. samehost can match all hosts, samenet can match all hosts within the same mask.
Example: 192.168.10.122/32 represent a single host, 192.168.10.0 / 24 subnet 192.168.0.1 ~ 192.168.0.255 represents all hosts, 0.0.0.0 / 0 indicates all hosts.
METHOD:
Password encryption policy, password represents the password is sent in plain text, md5 and scram-sha-256 will be encrypted in a corresponding manner sending the password again.
