Change PostgreSQL Authentication Method from Ident to MD5

PostgreSQL supports multiple client authentication methods including: trust, reject, md5, password, gss, sspi, krb5, ident, peer, ldap, radius, cert, and pam. Here we’re only going to concern ourselves with two: ident and md5.

Pre-Flight Check

  • These instructions are intended specifically for changing the PostgreSQL Authentication Method from ident to md5.
  • I’ll be working from a Liquid Web Core Managed CentOS 7 server, and I’ll be logged in as root.
  • PostgreSQL is installed per our tutorial on: How to Install and Connect to PostgreSQL on CentOS 7.

Step #1: Switch to the PostgreSQL User: postgres

If you’re working from a default PostgreSQL installation, then PostgreSQL will be configured to use the ident authentication method. What this means is that we have to connect to PostgreSQL with an allowed user, which by default is the user postgres.

Since we’re logged in as root, switch to the default PostgreSQL user, postgres:

su - postgres

… then attempt a connection to PostgreSQL:

psql

… the correct, valid response will be similar to:

psql (9.3.9)
Type "help" for help.

postgres=#

Step #2: Add/Change the Password for the PostgreSQL User: postgres

Use the following command to change the password for your current user, which should be postgres:

\password

Enter your new password, and confirm it:

Enter new password:
Enter it again:

Now quit the psql interface:

\q

Step #3: Edit the Authentication Method

For a refresher on editing files with vim see: New User Tutorial: Overview of the Vim Text Editor.

Edit the configuration file:

vim /var/lib/pgsql/9.3/data/pg_hba.conf

Find:

# IPv4 local connections:
host    all              all             127.0.0.1/32             ident
# IPv6 local connections:
host    all              all             ::1/128                  ident

Change each ident to md5:

# IPv4 local connections:
host    all              all             127.0.0.1/32             md5
# IPv6 local connections:
host    all              all             ::1/128                  md5

Then exit and save the file with the command :wq.

Now restart PostgreSQL:

systemctl restart postgresql-9.3

Step #4: Verify Your Access

Switch back to the postgres user:

su - postgres

Enter the PostgreSQL command line:

psql

You should be prompted with the following (or similar):

Password:
psql (9.3.9)
Type "help" for help.

Enter your password, and you’re in!

Be Sociable, Share!
Here's $75, Launch a New VPS Today. Find out why 30,000 customers have chosen our Best-in-Class Performance & 24x7 Heroic Support.