Configure ysql_hba_conf_csv
The client authentication in YugabyteDB is managed by the T-Server --ysql_hba_conf_csv
configuration flag, which works similar to the pg_hba.conf
file in PostgreSQL.
The values include records that specify allowed connection types, users, client IP addresses, and the authentication method.
Records in the YugabyteDB ysql_hba.conf
file are auto generated based on the values included in the --ysql_hba_conf_csv
flag.
For example, starting a YB-TServer with the following --ysql_hba_conf_csv
flag will enable trust authentication for all users.
--ysql_hba_conf_csv='host all all 0.0.0.0/0 trust, host all all ::0/0 trust'
To display the current values in the ysql_hba.conf
file, run the following SHOW
statement to get the file location:
yugabyte=# SHOW hba_file;
hba_file
-------------------------------------------------------
/Users/yugabyte/yugabyte-data/node-1/disk-1/pg_data/ysql_hba.conf
(1 row)
and then view the file. Here is an example of ysql_hba.conf
file contents.
# This is an autogenerated file, do not edit manually!
host all all 0.0.0.0/0 trust
host all all ::0/0 trust