pgPedia

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Top / P

• Browse categories
• Random entry
• Blog
• PostgreSQL releases
  • PostgreSQL 16 (dev)
  • PostgreSQL 15 (latest)
  • PostgreSQL 14
  • PostgreSQL 13
  • PostgreSQL 12
  • PostgreSQL 11
  • PostgreSQL 10 (EOL)

Version charts

SQL commands
System catalog tables
System catalog views
System statistics views
File system functions

Contrib modules
Object Identifier Types
Progress reporting views
Storage parameters (relopts)
Predefined roles

Useful overviews

xlog renaming in Pg 10
Online tools for PostgreSQL
Abbreviations and acronyms

Useful links

PostgreSQL documentation
PostgreSQL feature matrix
PostgreSQL versioning policy
PostgreSQL latest versions

@postgrespedia

pg_hba.conf

pg_hba.conf ("hba" stands for "Host-Based Access") is one of PostgreSQL's main configuration files, which is used to determine which users can access which database from which host using which authentication method.

pg_hba.conf was added in Postgres95.

Location

By default pg_hba.conf is located in the instance's data directory. This can be overriden by explicitly setting the parameter hba_file at instance startup.

The location of pg_hba.conf can be determined by executing one of:

SHOW hba_file;

or

SELECT current_setting('hba_file');

Contents

The system catalogue view pg_hba_file_rules provides a summary of the current contents of pg_hba.conf and can be used to check for potential errors before attempting to apply changes.

Change history

Work-in-progress

• PostgreSQL 16
  • regular expressions (regexp) support added for database and user entries (commit 8fea8683)
  • support for file inclusion added (commit a54b658c)
• PostgreSQL 14
  • authentication option clientcert no longer supports the options 0, 1 and no-verify (commit 253f1025)
  • records can span multiple lines (commit 8f8154a5)
• PostgreSQL 10
  • logical replication connections now handled as normal connections, i.e. the replication keyword is no longer used (commit 8df9bd0b)
  • contents can be accessed via the view pg_hba_file_rules (commit de16ab72)
• PostgreSQL 8.4
  • pg_hba.conf now parsed in postmaster (commit 98723810)
  • authentication option clientcert added (commit 3c486fbd)
  • some Kerberos options can be set in pg_hba.conf, overriding postgresql.conf settings (commit 32c469d7)
  • former configuration parameters krb_realm and krb_server_hostname now pg_hba.conf options (commit 1b4e729e)
• PostgreSQL 8.0
  
  • configuration parameter hba_file added, enabling pg_hba.conf to be located outside the data directory (initial commit 130f89e9)
• PostgreSQL 7.4
  • support for IPv6 entries added (commit c3e9699f)
  • support for CIDR netmasks added (commit b78961b0)
  • line type hostnossl added (commit 397831e1)
• PostgreSQL 7.3
  • column USER added (commit 43a3543a)
• PostgreSQL 7.2
  • authentication method md5 added (commit bcb0ccf5)
• PostgreSQL 6.4
  • support for sameuser token added (commit 3f372ee6)

pg_hba.conf was added during the Postgres95 development phase (initial commit 57026d60)

References

Useful links

Categories

See also