Hi Timmy You need to use CIDR form in your pg_hba.conf. So:
host all testuser 111.222.333.444/32 md5 Most likely you would probably want to ensure ssl connection if coming over untrusted network. So, at minimum, this is better: hostssl all testuser 111.222.333.444/32 md5 This is better still: hostssl testdb testuser 111.222.333.444/32 md5 Better still (IMHO) is to keep it local and use ssh tunnel, but I understand that might be difficult and not necessarily desirable, depending on the context. Regards Bob On Wed, 9 Oct 2019 at 13:34, Timmy Siu <timmy....@aol.com> wrote: > > Dear All Users, > > How do I allow an external client IP address access to my pgsql server? > > According to my own experience and test, if I set the external client IP > address to, for example, 111.222.333.444 in the file > /etc/postgresql/11/main/pg_hba.conf, it will not be able to connect to the > server: > #TYPE?????? DATABASE?????? ?? USER?????? ?????? ?????? ADDRESS?????? ?????? > ?????? METHOD > host?????? all?????? ?????? ?????? testuser ???? ?????? 111.222.333.444?????? > md5 > > I must set "address" to "any" as in the following: > #TYPE?????? DATABASE?????? ?? USER?????? ?????? ?????? ADDRESS?????? ?????? > METHOD > host?????? all?????? ?????? ?????? testuser ???? ?????? 0.0.0.0/0?????? ?? md5 > > > Can I limit access to my pgsql server through TCP Wrapper? What is the > related executable? > > > Regards, > Timmy > > ??
