Re: purpose of an entry in pg_hba.conf file

as per response

"It allows anyone/anything on the local machine to connect to the database
without authentication. Whether that impacts any particular one/thing
depends on your personal setup."

There is already one line to serve your stated purpose
local all all trust

That's why I specifically raised this question for below from postgresql
experts
host all all 127.0.0.1/32 trust

So still I am not able to find a valid reason for keeping this entry. So
please help me in explaining the same.

Regards,

On Thu, Oct 26, 2023 at 11:56 PM David G. Johnston <
david(dot)g(dot)johnston(at)gmail(dot)com> wrote:

> Always reply to the list, it is ok to CC individuals. Also, the
> convention here is to inline post (or bottom if you must) as in my first
> reply; not top-post as you and I have done here.
>
> I'd suggest also putting into your own words what you believe the entry is
> providing/enabling. Read the relevant documentation for aid in formulating
> such a description.
>
> It allows anyone/anything on the local machine to connect to the database
> without authentication. Whether that impacts any particular one/thing
> depends on your personal setup.
>
> David J.
>
> On Thu, Oct 26, 2023 at 11:04 AM Atul Kumar <akumar14871(at)gmail(dot)com> wrote:
>
>> Hi,
>>
>> Could you elaborate more as it seems that your response doesn't satisfy
>> my query which is "what is the exact purpose of this entry and what
>> would be the impact of removing it on other tools/processes like pgbouncer,
>> pem, replication etc ?"
>>
>> I am yet to understand the impact of removing this entry.
>>
>>
>> Regards.
>>
>> On Thu, Oct 26, 2023 at 5:52 AM David G. Johnston <
>> david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
>>
>>> On Wed, Oct 25, 2023 at 5:11 PM Atul Kumar <akumar14871(at)gmail(dot)com>
>>> wrote:
>>>
>>>> Hi,
>>>>
>>>> As you know already, pg_hba.conf file always has the below entry after
>>>> successful installation of postgres.
>>>>
>>>> host all all 127.0.0.1/32 trust
>>>>
>>>>
>>>> Please let me know what is the exact purpose of this entry and what
>>>> would be the impact of removing it on other tools/processes like pgbouncer,
>>>> pem, replication etc ?
>>>>
>>>>
>>>>
>>> While that may be a true statement for installation from source I'm
>>> pretty certain most packagers have a more tightly controlled setup that
>>> doesn't involve "trust" authentication.
>>>
>>> The reason behind choosing to include that specific line is to minimize
>>> the amount of post-install effort needed for one to connect to the server
>>> from the local machine, which is often a personal machine with only the
>>> "DBA" having access to it.
>>>
>>> The better and more widely implemented default is requiring a password
>>> for host while accepting peer for local.
>>>
>>> All external tools should be told what credentials to use to connect to
>>> the server and those credentials added to the system and a more restrictive
>>> pg_hba.conf entry added to permit those connections. All trust connections
>>> in pg_hba.conf should be removed from it as quickly as possible.
>>>
>>> David J.
>>>
>>>
>>>