Dear Bob,
Thank you.?? hostssl works out of the box!?? It does not require extra
configuration.?? I can connect to my own pgsql server via pgadmin 4.?? I
personally feel that Postgresql v11 is much clever than Mysql v5.7 (I
haven't tried its v8).
I also have tested postgres against TCP Wrappers but it is not compiled
against TCP wrappers library.?? May I suggest the community to have
postgres to work with TCP wrappers.?? Its security will be better.
Regards,
Timmy
> Hi Timmy
>
> You need to use CIDR form in your pg_hba.conf. So:
>
> host all testuser 111.222.333.444/32 md5
>
> Most likely you would probably want to ensure ssl connection if coming
> over untrusted network. So, at minimum, this is better:
>
> hostssl all testuser 111.222.333.444/32 md5
>
> This is better still:
>
> hostssl testdb testuser 111.222.333.444/32 md5
>
> Better still (IMHO) is to keep it local and use ssh tunnel, but I
> understand that might be difficult and not necessarily desirable,
> depending on the context.
>
> Regards
> Bob