dbadmin Authentication Access
The dbadmin user must have access to the database at all times, and its authentication record should:
- Use one of the following authentication methods:
TRUST
with a LOCAL access methodHASH
- Have a high priority (e.g. 10,000) so it supersedes other authentication records like PUBLIC.
LOCAL TRUST
The following example creates an authentication record v_dbadmin_trust
with a high priority and grants it to the dbadmin user. The combination of the TRUST
method and LOCAL
access method allow the dbadmin to authenticate to the database without a password if the connection is local:
=> CREATE AUTHENTICATION v_dbadmin_trust METHOD 'trust' LOCAL; => ALTER AUTHENTICATION v_dbadmin_trust PRIORITY 10000; => GRANT AUTHENTICATION v_dbadmin_trust TO dbadmin;
HASH
The following example creates an authentication record v_dbadmin_hash
and grants it to the dbadmin user. The HASH
method indicates that the dbadmin's password is hashed with the database's SECURITY ALGORITHM. The HOST '0.0.0.0/0'
access method indicates that the dbadmin can connect remotely from any IPv4 address:
=> CREATE AUTHENTICATION v_dbadmin_hash METHOD 'hash' HOST '0.0.0.0/0'; => ALTER AUTHENTICATION v_dbadmin_hash PRIORITY 10000; => GRANT AUTHENTICATION v_dbadmin_hash TO dbadmin;
If you want to authenticate as the dbadmin from a local connection, but want to use the authentication record with the HOST
access method, specify the --host option with the hostname or IP address of the database:
$ vsql database_name user --host hostname_or_ip;