|
1 | 1 | # |
2 | | -# PostgreSQL HOST-BASED ACCESS (HBA) CONTROL FILE |
| 2 | +# PostgreSQL HOST-BASED ACCESS (HBA) CONTROL FILE |
3 | 3 | # |
4 | 4 | # |
5 | 5 | # This file controls: |
|
101 | 101 | # be use only for machines where all users are truested. |
102 | 102 | # |
103 | 103 | # password: Authentication is done by matching a password supplied |
104 | | -# in clear by the host. If no AUTH_ARGUMENT is used, the |
105 | | -# password is compared with the user's entry in the |
106 | | -# pg_shadow table. |
| 104 | +# in clear by the host. If no AUTH_ARGUMENT is used, the |
| 105 | +# password is compared with the user's entry in the |
| 106 | +# pg_shadow table. |
107 | 107 | # |
108 | 108 | # If AUTH_ARGUMENT is specified, the username is looked up |
109 | 109 | # in that file in the $PGDATA directory. If the username |
|
118 | 118 | # passwords. |
119 | 119 | # |
120 | 120 | # crypt: Same as "password", but authentication is done by |
121 | | -# encrypting the password sent over the network. This is |
122 | | -# always preferable to "password" except for old clients |
123 | | -# that don't support "crypt". Also, crypt can use |
124 | | -# usernames stored in secondary password files but not |
125 | | -# secondary passwords. |
126 | | -# |
127 | | -# ident: Authentication is done by the ident server on the local |
128 | | -# or remote host. AUTH_ARGUMENT is required and maps names |
129 | | -# found in the $PGDATA/pg_ident.conf file. The connection |
130 | | -# is accepted if the file contains an entry for this map |
131 | | -# name with the ident-supplied username and the requested |
132 | | -# PostgreSQL username. The special map name "sameuser" |
133 | | -# indicates an implied map (not in pg_ident.conf) that |
134 | | -# maps each ident username to the identical PostgreSQL |
| 121 | +# encrypting the password sent over the network. This is |
| 122 | +# always preferable to "password" except for old clients |
| 123 | +# that don't support "crypt". Also, crypt can use |
| 124 | +# usernames stored in secondary password files but not |
| 125 | +# secondary passwords. |
| 126 | +# |
| 127 | +# ident: Authentication is done by the ident server on the local |
| 128 | +# (127.0.0.1) or remote host. AUTH_ARGUMENT is required and |
| 129 | +# maps names found in the $PGDATA/pg_ident.conf file. The |
| 130 | +# connection is accepted if the file contains an entry for |
| 131 | +# this map name with the ident-supplied username and the |
| 132 | +# requested PostgreSQL username. The special map name |
| 133 | +# "sameuser" indicates an implied map (not in pg_ident.conf) |
| 134 | +# that maps each ident username to the identical PostgreSQL |
135 | 135 | # username. |
136 | 136 | # |
137 | | -# krb4: Kerberos V4 authentication is used. |
| 137 | +# krb4: Kerberos V4 authentication is used. |
138 | 138 | # |
139 | | -# krb5: Kerberos V5 authentication is used. |
| 139 | +# krb5: Kerberos V5 authentication is used. |
140 | 140 | # |
141 | 141 | # reject: Reject the connection. This is used to reject certain hosts |
142 | | -# that are part of a network specified later in the file. |
143 | | -# To be effective, "reject" must appear before the later |
144 | | -# entries. |
| 142 | +# that are part of a network specified later in the file. |
| 143 | +# To be effective, "reject" must appear before the later |
| 144 | +# entries. |
145 | 145 | # |
146 | 146 | # Local UNIX-domain socket connections support only the AUTH_TYPEs of |
147 | 147 | # "trust", "password", "crypt", and "reject". |
|
0 commit comments